[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Issue: Acct-Session-Id clarification
Issue: Acct-Session-Id clarification
Submitter name: Bernard Aboba
Submitter email address: aboba@internaut.com
Date first submitted: May 24, 2007
Reference:
Document: RFC3576bis-06
Comment type: Technical
Priority: S
Section: 3
Rationale/Explanation of issue:
It has been pointed out that the Acct-Session-Id attribute is not mandatory in Access-Requests and that a Dynamic Authorization Client will not necessarily have access to information sent in Accounting-Request packets. This point seems worth addressing explicitly.
The proposed resolution is to insert the following text in Section 3:
As noted in [RFC2866] Section 5.5:
An Accounting-Request packet MUST have an Acct-Session-Id. An
Access-Request packet MAY have an Acct-Session-Id; if it does,
then the NAS MUST use the same Acct-Session-Id in the Accounting-
Request packets for that session.
Since the Acct-Session-Id is optional in Access-Requests, if the
Dynamic Authorization Client only has access to attributes sent to or
by the RADIUS authentication server, then it will not necessarily
know the Acct-Session-Id of the session it is attempting to target.