[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Determining WG consensus on Issue 226: RFC 3576bis and Renumbering

To: <radiusext@ops.ietf.org>
Subject: RE: Determining WG consensus on Issue 226: RFC 3576bis and Renumbering
From: Bernard Aboba <bernard_aboba@hotmail.com>
Date: Mon, 4 Jun 2007 08:30:47 -0700

I think that these issues could definitely apply to VSAs included in a CoA-Request.  I'm not aware that they apply to other standard attributes, though (e.g. other RFC 3576 session identification attributes don't seem to be useful for authorization change).  


----------------------------------------
> From: dnelson@elbrysnetworks.com
> To: radiusext@ops.ietf.org
> Subject: RE: Determining WG consensus on Issue 226: RFC 3576bis and Renumbering
> Date: Mon, 4 Jun 2007 11:17:05 -0400
> 
> > 1. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier attributes
> > in Disconnect-Request & CoA-Request packets, only for identification. 
> > Changing the address would require a Service-Type=Authorize Only.  This
> > was what we had in -05.
> >
> > 2. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier attributes
> > in Disconnect-Requests for identification.  In CoA-Request packets allow 
> > them only for address change.  
> >
> > 3. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier address
> > attributes in Disconnect-Request & CoA-Request packets only for address
> > change.  Invent new attributes for identification.  This was initially
> > proposed for -07. 
> >
> > 4. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier address
> > attributes in Disconnect-Request & CoA-Request packets only for
> > identification.  Invent new attributes for address change. 
> >
> > 5. Prohibit use of Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier
> > attributes for session identification.  Permit their use only in CoA-
> > Request packets, for use in address change.  This is what we have in -07. 
> 
> It seems to me that these options would apply equally to any attribute that
> could be either (a) a session identifier attribute or (b) a session
> re-authorization provisioning attribute.  This would include the use of
> VSAs, as discussed in another message.
> 
> Right?
> 
> 
> 
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Issue 238: Identification of multiple sessions
Next by Date: RFC 3576bis and Renumbering: Some thoughts
Previous by thread: Re: Determining WG consensus on Issue 226: RFC 3576bis and Renumbering
Next by thread: Issue 238: Identification of multiple sessions
Index(es):
- Date
- Thread