AW: AW: Comments to draft-ietf-radext-digest-auth-00.txt

["Beck01, Wolfgang" <BeckW@t-systems.com>]

Miguel,

You wrote:
> 
> I think my role is to highlight the differences and limits of both 
> drafts, it is up to the WG to decide whether the solution is to expand 
> the scope of the RADIUS draft to include authorization or not.
That's the point. The alternatives are:
A. limit radext-digest-auth to authentication
Pro: the draft is useful for other protocols, like HTTP or even TURN
(HTTP compatibility is a requirement of 3GPP2).
Con: a RADIUS/Diameter gateway is not possible as SIP-AOR is missing

B. extend radext-digest-auth with attributes relevant for SIP authorization
Pro: easy translation between RADIUS and Diameter
Con: no more compatibility with other protocols using digest authentication
(as SIP-AOR usage is mandatory)

A variation of A would be to put SIP authorization attributes into a separate
document. This document would reference radext-digest-auth and define RADIUS/Diameter
translation (which could be removed from radext-digest-auth).

A variation of B would be to define SIP-AOR and say "this attribute is MANDATORY
if the RADIUS client deals with SIP messages".

Wolfgang

--
T-Systems
Internet Platforms
+49 6151 937 2863
Am Kavalleriesand 3
64295 Darmstadt
Germany 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>