[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue: Attribute restriction

To: <radiusext@ops.ietf.org>
Subject: RE: Issue: Attribute restriction
From: Bernard Aboba <bernard_aboba@hotmail.com>
Date: Mon, 28 May 2007 18:02:55 -0700

I think it is trying to say is that the Access-Request SHOULD contain at least the NAS and session identification attributes.  It shouldn't be implying that no other attributes are permitted.  

Can you think of a way to make this more clear?

For example, we could add "The Access-Request MAY also contain other attributes as needed." 


________________________________
> Subject: RE: Issue: Attribute restriction
> Date: Mon, 28 May 2007 11:28:40 -0400
> From: avi@bridgewatersystems.com
> To: bernard_aboba@hotmail.com; radiusext@ops.ietf.org
> 
> Bernard,
> Dont forget that in RADIUS Location Draft we want to include location information in this message.
> Recall, that if the NAS provided location information in an Access-Request (either because it was configured to do so, or because it received a challenge) then when issueing the Access-Request due to the receipt of COA (Authorize-Only) we want it to also include the location information.  Thus this will avoid the AAA server from challenging it again to provide location information.
> How do you want to deal with that?  Do we let that Draft specify this or do you want to align the draft.
> ________________________________
> From: owner-radiusext@ops.ietf.org [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Bernard Aboba
> Sent: Saturday, May 26, 2007 10:27 AM
> To: radiusext@ops.ietf.org
> Subject: Issue: Attribute restriction
> Issue:  Attribute Restriction
> Submitter name: Bernard Aboba
> Submitter email address: aboba@internaut.com
> Date first submitted: May 26, 2007
> Reference:
> Document: RFC3576bis-06
> Comment type: Technical
> Priority: S
> Section: 3.2
> Rationale/Explanation of issue:
> Section 3.2 contains the following sentence:
>    This Access-Request SHOULD contain the NAS
>    identification attributes from the CoA-Request, as well as the
>    session identification attributes from the CoA-Request legal for
>    inclusion in an Access-Request as specified in [RFC2865], [RFC2868],
>    [RFC2869] and [RFC3162].
> This sentence appears to imply that only session identification attributes
> from [RFC2865], [RFC2868], [RFC2869] and [RFC3162] can be included in the
> Access-Request.  In fact, RFC 3576bis adds Chargeable-User-Identity to the
> list of session identification attributes; this is defined in a document
> that is not listed.
> The proposed resolution is to change this sentence to:
>    This Access-Request SHOULD contain the NAS
>    identification attributes from the CoA-Request, as well as the
>    session identification attributes from the CoA-Request legal for
>    inclusion in an Access-Request.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: RFC3576bis and Session State
Next by Date: Re: RFC3576bis and Session State
Previous by thread: RE: Issue: Attribute restriction
Next by thread: RE: RFC3576bis and Session State
Index(es):
- Date
- Thread