[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Scope of applicability for CUI

To: 'Alan DeKok' <aland@ox.org>, radiusext@ops.ietf.org
Subject: RE: Scope of applicability for CUI
From: Avi Lior <avi@bridgewatersystems.com>
Date: Tue, 21 Dec 2004 16:39:39 -0500

The business cases for CUI have already been stated.  And I think the next
email shows yet another driver.

I belive we already state why Class does not work and why CUI was choosen.

> -----Original Message-----
> From: Alan DeKok [mailto:aland@ox.org] 
> Sent: Tuesday, December 21, 2004 3:09 PM
> To: radiusext@ops.ietf.org
> Subject: Re: Scope of applicability for CUI
> 
> 
> Avi Lior <avi@bridgewatersystems.com> wrote:
> > Yes there is only one instance. But that is the least of the 
> > differences. Unlike Class, CUI is supposed to be interpreted by the 
> > client.  In so far that the client knows the CUI is 
> assertion by the 
> > Home Network that this is a handle to a subscriber.
> 
>   If the main purpose of the CUI is to give an opaque handle 
> to a subscriber so proxies can control multiple logins, then 
> I'm not sure what it gains us.  The home server can limit 
> multiple logins, so the proxy server doesn't have to.  As 
> Emile said, if the proxy server doesn't trust the home server 
> to manage multiple logins, it shouldn't trust the home server 
> to create the same CUI for the same user.
> 
>   The main benefit I see is that the multiple login use of 
> the CUI is managed by the proxy server, which means the home 
> servers can be simpler to configure.
> 
>   If that's the main reason for CUI, then I would like to see 
> a sentence or two in the document explaining the different 
> approaches, the issues with CUI, and why this approach was chosen.
> 
>   I'm not opposing it, I just want the reasons for choosing 
> it to be clear 3 years from now to people outside of radiusext.
> 
>   Alan DeKok.
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: Re: Scope of applicability for CUI
Next by Date: RE: Scope of applicability for CUI
Previous by thread: RE: Scope of applicability for CUI
Next by thread: RE: Scope of applicability for CUI
Index(es):
- Date
- Thread