RE: backwards compatible introduction of NEW attribute such as CUI

[<john.loughney@nokia.com>]

David,

> (a) print a readable text message to the user (human) that will
> stimulate an informed call to the appropriate help desk,  or
> 
> (b) instruct the NAS to perform a different form of authentication
> request, or include different attributes, or
> 
> (c) stimulate the NAS to perform an automatic, on-line, 
> firmware upgrade
> to acquire the missing, but desired, functionality?
> 
> If the desire is (a), a simple, printable message that describes the
> authentication policy conditions that are not being met (in layman's
> terms) would be appropriate.
> 
> If the desire is (b), I offer two further observations.  (1) If the NAS
> supported the desired attribute (and was configured to provide it) it
> would probably have done so in the first instance.  Unassisted
> corrective action is unlikely. (2) If we are talking about introducing
> PPP-style capabilities/option negotiation, I still think that is a
> slippery slope and a substantial effort to get it right and obtain
> interoperability.
> 
> If the desire is (c) I'd like to buy one, please.  :-)

I think a) is definately the case, b) may be applicable if the NAS can support
'classic' authentication mechanisms and CUI authentication.   However, if the
NAS does not support CUI, then the proper outcome would be a).

John

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>