
RE: RFC 3576bis discussion at IETF 68




Is the cost of breaking backward compatibility worth the removal of the Nonce attribute?


PatC

 -----Original Message-----
From:   Bernard Aboba [mailto:bernard_aboba@hotmail.com]
Sent:   Wednesday, March 21, 2007 03:25 AM Pacific Standard Time
To:     radiusext@ops.ietf.org
Subject:        RFC 3576bis discussion at IETF 68

As part of the RFC 3576bis discussion, it was suggested that RFC 3576bis
remove mention of the Nonce attribute, since this did not really address
replay protection.  Also, it should be clarified that the Event-Timestamp
attribute does NOT require changing the Identifier on a retransmission; the
Event-Timestamp refers to the time of the original transmission, and
therefore does not need to change on a re-transmission.

Also, it was pointed out that Event-Timestamp does not require synchronized
clocks, only for the RADIUS server to remember the last value for a given
NAS, and to make sure that it is monotonically increasing.

Any objections to implementing these suggestions in RFC 3576bis-01?



archive: <http://psg.com/lists/radiusext/>
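
The Event-Timestamp check discussed in the message above, as an added example that is not part of the original thread: the receiver keeps the last accepted value per peer, treats a packet with the same Identifier and the same Event-Timestamp as a retransmission, and rejects anything that is not newer. The names `ReplayGuard`, `event_timestamp`, `build` and the result strings are hypothetical; it assumes the Request Authenticator is verified elsewhere and that a new request must carry a strictly larger timestamp.

```python
import struct

EVENT_TIMESTAMP = 55  # RADIUS attribute type (RFC 2869), 4-byte seconds since epoch

def event_timestamp(packet: bytes):
    """Return (identifier, Event-Timestamp or None) from a raw RADIUS packet."""
    if len(packet) < 20:
        raise ValueError("short RADIUS header")
    _code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("bad RADIUS length")
    pos = 20  # attributes follow the 16-byte authenticator
    while pos + 2 <= length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute")
        if atype == EVENT_TIMESTAMP and alen == 6:
            return ident, struct.unpack("!I", packet[pos + 2:pos + 6])[0]
        pos += alen
    return ident, None

class ReplayGuard:
    """Remembers the last accepted (Identifier, Event-Timestamp) per peer."""
    def __init__(self):
        self.last = {}

    def check(self, peer: str, packet: bytes) -> str:
        ident, ts = event_timestamp(packet)
        if ts is None:
            return "reject-no-timestamp"
        prev = self.last.get(peer)
        if prev == (ident, ts):
            return "retransmission"   # same Identifier, same original send time
        if prev is not None and ts <= prev[1]:
            return "reject-replay"    # assumption: must be strictly newer
        self.last[peer] = (ident, ts)
        return "accept"

def build(code: int, ident: int, ts: int) -> bytes:
    """Constructed sample packet: zeroed authenticator, one Event-Timestamp."""
    attr = struct.pack("!BBI", EVENT_TIMESTAMP, 6, ts)
    return struct.pack("!BBH16s", code, ident, 20 + len(attr), b"") + attr
```

No clock comparison appears anywhere in `check`: only the stored value for the peer is consulted, which is why synchronized clocks are not needed.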