[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Isms] RE: Follow up on Authorize Only issue



Dave Harrington writes...

> But "provisioning SNMP parameters" explicitly does not include mapping
> to the access control subsytem; ...

I don't read that in the charter.  You apparently read it between the
lines.  Defining a new Access Control Subsystem or making changes to
VACM is explicitly out of scope.

> ...that is a separate issue that is out of scope for the WG,
> and should be dealt with in a separate document when such a
> document is included in a subsequent ISMS charter.

We've had this discussion many months ago.  My opinion hasn't changed.
I think that providing a way for RADIUS to provision group membership
information that can be used to map into any Access Control Subsystem
ought to be part of the work.  Especially if it does not actually affect
the architectural model, and is accomplished in an implementation
dependent fashion.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>