[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Scope of applicability for CUI

To: <radiusext@ops.ietf.org>
Subject: RE: Scope of applicability for CUI
From: "Nelson, David" <dnelson@enterasys.com>
Date: Tue, 21 Dec 2004 16:47:56 -0500

Barney Wolf writes...

> Whether the CUI is opaque or an NAI does not change the fact that
> it should be meaningful only to the home server.  The only test
> that the NAS/proxy should be able to make on CUI is for equality
> to some previously seen CUI.  Otherwise the privacy of the user has
> been compromised for no legitimate reason.  A business agreement
> on how long a one-to-one relation between CUI and the "true" user
> identity must persist does not depend in any way on the form of the
> CUI.  Given that, I would have said the opposite, that CUI should
> always be an opaque octet string.

Well, you and Avi seem to agree on this, but if that is the case, how is
CUI different from Class?



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Issue: Transparency (e.g. NAS visibility of) CUI
Next by Date: RE: Scope of applicability for CUI
Previous by thread: RE: Scope of applicability for CUI
Next by thread: RE: Scope of applicability for CUI
Index(es):
- Date
- Thread