[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AW: AW: Comments to draft-ietf-radext-digest-auth-00.txt
Miguel,
You wrote:
>
> I think my role is to highlight the differences and limits of both
> drafts, it is up to the WG to decide whether the solution is to expand
> the scope of the RADIUS draft to include authorization or not.
That's the point. The alternatives are:
A. limit radext-digest-auth to authentication
Pro: the draft is useful for other protocols, like HTTP or even TURN
(HTTP compatibility is a requirement of 3GPP2).
Con: a RADIUS/Diameter gateway is not possible as SIP-AOR is missing
B. extend radext-digest-auth with attributes relevant for SIP authorization
Pro: easy translation between RADIUS and Diameter
Con: no more compatibility with other protocols using digest authentication
(as SIP-AOR usage is mandatory)
A variation of A would be to put SIP authorization attributes into a separate
document. This document would reference radext-digest-auth and define RADIUS/Diameter
translation (which could be removed from radext-digest-auth).
A variation of B would be to define SIP-AOR and say "this attribute is MANDATORY
if the RADIUS client deals with SIP messages".
Wolfgang
--
T-Systems
Internet Platforms
+49 6151 937 2863
Am Kavalleriesand 3
64295 Darmstadt
Germany
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>