[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IESG review comments on the RADIUS Issues and Fixes draft



You might define what is meant by an "authentication attribute" (e.g. EAP-Message, User-Password, etc.).

> Date: Fri, 6 Jul 2007 14:16:20 +0200
> From: aland@nitros9.org
> To: dnelson@elbrysnetworks.com
> CC: radiusext@ops.ietf.org
> Subject: Re: IESG review comments on the RADIUS Issues and Fixes draft
>
> David B. Nelson wrote:
> >>From the IETF ID-Tracker database:
> >
> > Date and Time: 2007-07-03, 11:39:58
> > Document: draft-ietf-radext-fixes
> > Version: 04
> > Commented by: Tim Polk
> > Comment: I personally find this text in the last sentence in section 2.1.1
> > to be unclear:
> >
> > "neither including an authentication attribute nor a Service-Type attribute"
>
> Suggested text:
>
> As defined in [RFC 2865] Table 5.44, Access-Request packets MAY
> contain a State attribute. We extend that definition here, to say
> that Access-Request packets that contain an authentication attribute
> or a Service-Type attribute with the value Call Check (10) MAY contain
> a State attribute. Access-Request packets not matching the above
> description MUST contain a State attribute.
>
> Alan DeKok.
>
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>