RE: Issue 226: RFC 3576bis and Renumbering

["Glen Zorn \(gwz\)" <gwz@cisco.com>]

> I think we'd be better off just making Acct-Session-Id a MUST, and
> ignoring the other attributes.

Making Acct-Session-Id a MUST would ensure Diameter compatibility.
User-Name probably needs to be at least a MAY for the same reason.  

 

There are just a few problems with this idea (in the absence of RADIUS accounting).  The first & most obvious is that "sessions" do not exist in RADIUS.  This is because the RADIUS server has no idea when (or if) the session ends or, more subtly, if it actually begins.  All the RADIUS server  knows is that it authorized a session in an Access-Accept; by the time that message arrived at the NAS, the user might already have left.  So, basically, what you are saying seems to be that

1. deploying RADIUS accounting is mandatory AND
2. an undefined but incestuous relationship between separate RADIUS and RADIUS Accounting servers is also mandatory OR
3. the RADIUS and RADIUS Accounting servers must be one and the same

None of those seem like very good ideas to me.  Not to belabor the point, but all these problems have been thought through and solutions designed in http://www.ietf.org/internet-drafts/draft-zorn-radius-logoff-09.txt.  
 
 ...