RE: Issue 226: RFC 3576bis and Renumbering

["David B. Nelson" <dnelson@elbrysnetworks.com>]

Bernard Aboba writes...

   A NAS MUST respond to a CoA-Request including a Service-Type
   Attribute with value "Authorize Only" with a CoA-NAK; a CoA-ACK MUST
   NOT be sent.  If the NAS does not support a Service-Type value of
   "Authorize Only" then it MUST respond with a CoA-NAK; an Error-Cause
   value of 405 (Unsupported Service) SHOULD be included.

   A CoA-Request containing a Service-Type Attribute with value
   "Authorize Only" MUST in addition contain only NAS or session
   identification attributes, as well as a State Attribute.  If other
   attributes are included in such a CoA-Request, a CoA-NAK MUST be
   sent; an Error-Cause Attribute with value 401 (Unsupported Attribute)
   SHOULD be included.

I've never implemented RFC 3576, so please excuse me if I ask silly
questions.  If the RADIUS Server / Dynamic Access Client receives a CoA-NAK,
in response to a CoA-Request, it means that Service-Type of "Authorize-Only"
is not supported by the RADIUS Client / Dynamic Access Server, whether not
the Error-Cause attribute is present?

Are there other cases when Error-Cause is absent and it means something
else?



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>