RE: RFC3576bis and Session State

["Avi Lior" <avi@bridgewatersystems.com>]

See inline......

> Where an Acct-Session-Id or Acct-Multi-Session-Id Attribute is not 
> present in a CoA-Request or Disconnect-Request,

Alan wrote:

  the User-Name or Chargeable-User-Identity attributes may be sufficient
to uniquely identify the session.  However, if the same user has
multiple sessions on the NAS, or if the privacy NAI is used, that
information may be insufficient to uniquely identify a session.  Session
identification MAY be performed by using one or more of the
Called-Station-Id, Calling-Station-Id,  NAS-Port and NAS-Port-Id
attributes.

[Avi] Or having only the User-Name or CUI (or a VSA) is exactly what I
want to do.  In this case I want to effect all of the user's sessions.

> I can add a sentence to Section saying "A NAS implementing this 
> specification SHOULD send an Acct-Session-Id or Acct-Multi-Session-Id 
> Attribute within an Access-Request."

Alan wrote:

   Yes.  Also note that doing so makes the CoA network much simpler and
more robust.  I would prefer it to be a MUST, but that's probably too
strong.  Maybe a strong recommendation in addition to SHOULD.

[Avi] No. Not even a SHOULD.  It will be up to deployements to decide
which attributes to include and where. As I said again and again,
Acct-Session-Id is often useless.

   Alan DeKok.

--

to unsubscribe send a message to radiusext-request@ops.ietf.org with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>