[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: AW: Privacy (Was: Re: NAI decoration: User Identity issues)



In proxy scenarios a RADIUS intermediary acts as a server and a client.

The Intermediary (acting as a server) can *completely* re-write the username
attribute as it sends the access accept message to its client. 

The only requirement is that a Client (in this case the intermediary )
replace the username that it received from it's server in the Acccounting
Messages that it sends to that server.

Because of this behavior it is *not* guaranteed that RADIUS Intermediaries
or the NAS will actually see what the home network has placed in the
username attribute in the access request.

User-Identity-Alias seperates the routing out and allows us to have cleaner
solutions.



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>