[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Issue 38: Ordering of filter attributes
This makes sense to me. I wonder if the relationship with Filter-ID
should also be mentioned here.
> -----Original Message-----
> From: owner-radiusext@ops.ietf.org
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Bernard Aboba
> Sent: Monday, December 13, 2004 6:49 PM
> To: radiusext@ops.ietf.org
> Subject: Issue 38: Ordering of filter attributes
>
> Issue 38: Ordering of Filter Attributes
> Submitter name: Bernard Aboba
> Submitter email address: aboba@internaut.com Date first
> submitted: December 13, 2004
> Reference:
> Document: Congdon-02
> Comment type: T
> Priority: S
> Section: 2.7
> Rationale/Explanation of issue:
> Section 2.7 does not state that NAS-Filter-Rule attributes
> shouldn't be reordered by RADIUS proxies. Since reordering
> can change the meaning of filter lists, reordering cannot be allowed.
>
> The addition of the following text is recommended:
>
> "If multiple NAS-Filter-Rule attributes are contained within
> an Access-Request or Access-Accept packet they MUST be in
> order and they MUST be consecutive attributes in the packet.
> RADIUS proxies MUST NOT reorder NAS-Filter-Rule attributes.
>
> The RADIUS server can return NAS-Filter-Rule attributes in an
> Access-Accept packet. Where more than one NAS-Filter-Rule
> attribute is included, it is assumed that the attributes are
> to be concatenated to form a single filter list."
>
>
> --
> to unsubscribe send a message to
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>