[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NAIbis effects (Was: Re: NAI decoration: User Identity issues)
> But don't you think the reader
> should be alerted to this potential feature interaction in some
> document?
Yes, we do need to address it somewhere. Perhaps the "RADIUS
implementation issues and fixes" document is the place for this.
> Maybe in the naibis document? In fact, we have two
> choices:
>
> 1) Warn the reader about this interaction, and suggest not
> using returned user name and routing syntax at the same
> time.
I think we need to alert the reader to the consequences. Not every setup
involves roaming, so it may not be an issue.
> 2) Require intermediaries to redo the routing syntax
> when the user name comes back in an Access-Accept.
This is functionality that has been in place for many years and so I'm not
sure we can mandate new behavior. My assumption has been that User-Name
attributes returned in the Access-Accept are not handled the same way that
User-Name attributes in an Access-Request are.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>