[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: User Identity issues



Bernard Aboba writes...

> As Blair notes, there are cases where the Accounting data needs
> to follow the same path as Authorization, and User-Name rewriting
> can break that.

I generally understand that the issue is multi-party
brokering/mediation.  There are multiple entities that need to get their
"cut" of the revenue associated with the user's session.  Does that
imply that the accounting requests need to traverse the same path as the
authentication requests?  Does each entity need to maintain their own
accounting logs, or do the entities trust one central clearing house to
give then their fair share of revenue?  If the latter is true, then it
would seem that accounting requests could be sent directly to the
central clearing house, along with some indication of the list of
parties involved, so that the revenue allocation can be calculated and
distributed.

I guess what I'm asking is that the business-domain problem be clearly
defined before we attempt to create a protocol-domain solution that
meets the business requirements.

--  Dave



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>