[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Issue: Attribute restriction

To: <radiusext@ops.ietf.org>
Subject: Issue: Attribute restriction
From: Bernard Aboba <bernard_aboba@hotmail.com>
Date: Sat, 26 May 2007 07:26:54 -0700

Issue: Attribute Restriction
Submitter name: Bernard Aboba
Submitter email address: aboba@internaut.com
Date first submitted: May 26, 2007
Reference:
Document: RFC3576bis-06
Comment type: Technical
Priority: S
Section: 3.2
Rationale/Explanation of issue:

Section 3.2 contains the following sentence:

   This Access-Request SHOULD contain the NAS
   identification attributes from the CoA-Request, as well as the
   session identification attributes from the CoA-Request legal for
   inclusion in an Access-Request as specified in [RFC2865], [RFC2868],
   [RFC2869] and [RFC3162].  

This sentence appears to imply that only session identification attributes 
from [RFC2865], [RFC2868], [RFC2869] and [RFC3162] can be included in the 
Access-Request.  In fact, RFC 3576bis adds Chargeable-User-Identity to the 
list of session identification attributes; this is defined in a document
that is not listed.

The proposed resolution is to change this sentence to:

   This Access-Request SHOULD contain the NAS
   identification attributes from the CoA-Request, as well as the
   session identification attributes from the CoA-Request legal for
   inclusion in an Access-Request.

Follow-Ups:
- RE: Issue: Attribute restriction
  - From: "Avi Lior" <avi@bridgewatersystems.com>
- RE: Issue: Attribute restriction
  - From: "David B. Nelson" <d.b.nelson@comcast.net>
- Re: Issue: Attribute restriction
  - From: Alan DeKok <aland@nitros9.org>

Prev by Date: RFC3576bis and Session State
Next by Date: RFC3576bis and Session State
Previous by thread: Issue: Consolidation of "Authorize Only" Text
Next by thread: Re: Issue: Attribute restriction
Index(es):
- Date
- Thread