RE: backwards compatible introduction of NEW attribute such as CUI

["Nelson, David" <dnelson@enterasys.com>]

Lothar Reith writes (still in HTML!)...

> to a) what would be "the appropriate helpdesk" in a WLAN roaming
> scenario ?

This is an important question for those in the "roaming consortium" business, as well as home ISPs, to answer.  I remember the "bad old days" before seamless roaming for cellular telephony. Only the brave and the technically savvy were able to use roaming services effectively.  Today, I expect to be able to dial 611 on my cell phone wherever I am and get appropriate assistance. (Of course, talking to a human still requires an Act of Congress -- but I digress :-)  If WLAN roaming wants to be successful, IMHO, the industry needs to make it as transparent as cellular roaming.

> Also, should the error message say: did not support CUI or perhaps
> supports CUI but did not advertise ? 

You seem to think the "supports CUI but did not advertise" scenario is reasonable, and I disagree. I really can't comment, other than to repeat myself.

> A related question is if the server counts an authentication request
> rejected due to missing knowledge about the NASes CUI support as an
> unsuccessful login attempt with regards to security thresholds ?

That is likely an implementation decision.  Personally, I would tend to count it as "failed to meet policy requirements" as apposed to "failed to authenticate".


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>