[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Scope of applicability for CUI
Barney Wolff wrote in response to David Nelson:
Given this description of CUI, what is the utility of the opaque data
format of CUI? I understand that opaqueness can be rendered transparent
with the bilateral sharing of proprietary information, pursuant to a
business contract. However, that exception notwithstanding, if the
intent of CUI is visibility and utility to the NAS and to the Proxies, I
suggest that the opaque data format be removed from the draft.
Whether the CUI is opaque or an NAI does not change the fact that
it should be meaningful only to the home server. The only test
that the NAS/proxy should be able to make on CUI is for equality
to some previously seen CUI. Otherwise the privacy of the user has
been compromised for no legitimate reason. A business agreement
on how long a one-to-one relation between CUI and the "true" user
identity must persist does not depend in any way on the form of the
CUI. Given that, I would have said the opposite, that CUI should
always be an opaque octet string.
And then David Nelson responded:
Well, you and Avi seem to agree on this, but if that is the
case, how is CUI different from Class?
As others have pointed out, CUI contents are still meant to be
looked at, just that the only basic operation expected to be
done for them is equality test.
But this brings me to a new issue. Remember how we agreed that
CUI helps in policy decisions, such as the one-session-at-a-time
rule. My question is whether there's a second utility which
is not quite as apparent because it operates again at the
"billing layer" which is not standardized. We can make CUI
an opaque entity, only designed for the equality test. An
opaque CUI can also be used as a billing handle, as long
as organizations X and Y agree that they are using the CUIs
in this process, either in the RADIUS accounting messages
or in the postprocessing/billing transactions or in both.
However, looking at the definition of the CUI, it seems
that people want *also* the ability to use a cleartext
user handle of a specific format. One reason for wanting
to do this would be to, say, be able to feed the identity
to an existing roaming/accounting/billing system that can
only support a specific type of an identity. Is this
the reason why we have non-opaque values in the document
too? Or is there some other reason, such as tracing/
legal interception/logging need to see actual user
identities?
--Jari
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>