[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RFC 3576bis discussion at IETF 68

To: radiusext@ops.ietf.org
Subject: RFC 3576bis discussion at IETF 68
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
Date: Wed, 21 Mar 2007 03:25:00 -0700
Bcc:
In-reply-to: <4C0FAAC489C8B74F96BEAD85EAEB262503A565DF@xmb-sjc-215.amer.cisco.com>

As part of the RFC 3576bis discussion, it was suggested that RFC 3576bisremove mention of the Nonce attribute, since this did not really addressreplay protection. Also, it should be clarified that the Event-Timestampattribute does NOT require changing the Identifier on a retransmision; theEvent-Timestamp refers to the time of the original transmission, andtherefore does not need to change on a re-transmission.

Also, it was pointed out that Event-Timestamp does not require synchronizedclocks, only for the RADIUS server to remember the last value for a givenNAS, and to make sure that it is monotonically increasing.


Any objections to implementing these suggestions in RFC 3576bis-01?



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: RFC 3576bis discussion at IETF 68
  - From: Alan DeKok <aland@nitros9.org>

References:
- Remove replay protection stuff from cryptoagility reqs.
  - From: "Glen Zorn \(gwz\)" <gwz@cisco.com>

Prev by Date: Remove replay protection stuff from cryptoagility reqs.
Next by Date: Publication of RADIUS Prepaid Document
Previous by thread: Remove replay protection stuff from cryptoagility reqs.
Next by thread: Re: RFC 3576bis discussion at IETF 68
Index(es):
- Date
- Thread