[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Questions on RADIUS Extended attributes
- To: "Alan DeKok" <aland@nitros9.org>, "Bernard Aboba" <bernard_aboba@hotmail.com>
- Subject: RE: Questions on RADIUS Extended attributes
- From: "Glen Zorn \(gwz\)" <gwz@cisco.com>
- Date: Wed, 16 Aug 2006 09:29:20 -0700
- Authentication-results: sj-dkim-1.cisco.com; header.From=gwz@cisco.com; dkim=pass ( sig from cisco.com verified; );
- Cc: <radiusext@ops.ietf.org>
- Dkim-signature: a=rsa-sha1; q=dns; l=1006; t=1155745762; x=1156609762; c=relaxed/simple; s=sjdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=gwz@cisco.com; z=From:=22Glen=20Zorn=20\(gwz\)=22=20<gwz@cisco.com> |Subject:RE=3A=20Questions=20on=20RADIUS=20Extended=20attributes=20; X=v=3Dcisco.com=3B=20h=3DozUL88US95ffVhpOEaM8mzvE0qI=3D; b=T0FlO/z+vxXIi6m+gHwGUZjA2CEo2fpCCi4fX+AQp3L5ugvtCiaTWKssVcmH2/PQkXi+rkHm +iQS2cCIOgTpaOxCgDfY7WcwMEcqDQXlrD9DaHqy8LBziMvkrB+DZDHs;
Alan DeKok <> supposedly scribbled:
> "Bernard Aboba" <bernard_aboba@hotmail.com> wrote:
>> a. Do we want an Extended-Type field of two or four octets? If it is
>> four octets, this would seem to imply that RADIUS attributes and
>> Diameter AVPs share the same type space. Will this work? If it is
>> two octets, we could reserve 65535 values within the existing
>> Diameter attribute space for RADIUS Extended-Type attributes.
>> Opinions solicited.
>
> I think 2 octets is OK. There are nowhere near 64k RADIUS
> attributes in existence today, even including VSA's. So 64k would
> seem to be sufficient for a while.
A master of understatement ;-). Actually, I suspect that another 256 would be more than enough, if there was a rational (or any) AAA development strategy in the IETF; probably even without one.
Hope this helps,
~gwz
Why is it that most of the world's problems can't be solved by simply
listening to John Coltrane? -- Henry Gabriel
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>