[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Proposed Resolution of Issue 223: Event-Timestamp and Duplicate Detection



RADIUS clients implementing this specification MUST be capable of
detecting a duplicate request if it has the same source IP
address, source UDP port and Identifier within a short span of time.

On RADIUS clients that support the Event-Timestamp Attribute for replay protection, the time window used for duplicate detection MUST be the same as the window used to detect stale Event-Timestamp Attributes.

In looking at the original text, it would appear that support for Event-Timestamp based replay detection is required on RADIUS clients implementing RFC 3576; it is support on servers that is optional. Therefore, the second sentence above should probably be:

"The time windows used for duplicate detection MUST be..."



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>