[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Issue: Treatment of null Identity Response
"Nelson, David" <dnelson@enterasys.com> wrote:
> Asked another way, is there any actual authentication or
> authorization decision that a RADIUS server makes based on the
> content of the User-Name in this specific scenario?
Yes, but I don't think it's related to the NULL identity response
problem. A follow-up question is:
Q1: If a server receives Calling-Station-Id, and sees that the value
of the identity is the same as the Calling-Station-Id, what does it
do?
A1: I don't recall any currently mandated behavior. It's up to local policy.
Q2: How does a server distinguish this situation (which may occur
today) from the proposed mandated behavior for NULL identity
response?
A2: I have no idea. I don't know that it can distinguish them.
If the situations can be distinguished, then we can mandate server
behavior here. If the situations can't be distinguished, then
mandating server behavior will change existing deployments and
practices.
Alan DeKok.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>