
RE: Issue: Transparency (e.g. NAS visibility of) CUI



David,

Opaque value was used in Diameter.

Also, see inline.

> -----Original Message-----
> From: Nelson, David [mailto:dnelson@enterasys.com] 
> Sent: Tuesday, December 21, 2004 4:46 PM
> To: radiusext@ops.ietf.org
> Subject: RE: Issue: Transparency (e.g. NAS visibility of) CUI
> 
> 
> > In fact, I think that only the opaque value should have been placed in the
> > draft in the first place.  SDOs then can define what format they want to
> > use.
> 
> I completely disagree.  This is the sort of loose definition 
> that has caused interoperability issues with RADIUS in the past.
> 
> This attribute should not be viewed as an "opaque transport 
> mechanism" for SDOs and individual vendors to create 
> proprietary, non-interoperable implementations that appear to 
> have the imprimatur of IETF standardization.
> 
> > One, it allows the home network to create a handle for the user that is
> > private. It's a number that represents the user for a period of time.
> 
> Hmmm...  I'm confused.  Is the CUI private to the Home AAA 
> server?  In that case Class will do as well, so I think this 
> cannot be a valid justification.

Sorry being rushed here a bit.  Handle for the user that makes the identity
private.  It's a handle to an assertion made by the home network that states
that this Auth/Auth represents a unique user in my network.
 
> > As well, the opaque value allows an SDO to define another format for the
> > CUI without the need to go to the IETF.
> 
> Which, IMHO, is a Bad Thing (tm).  At least without some form 
> of IETF action, such as Expert Review, as part of the IANA 
> considerations section.

Well. We can agree to disagree here.  IETF defines the protocol. The value
can be defined by any other community that wishes to interoperate.  No need
to burden IANA or IETF. After all we are talking about a value for an
attribute.

The only time you would need to go to IETF is when that group seeks to
interoperate in a more global sense.

> 
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 
