[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Guidelines suggested text for checklist:

To: "David B. Nelson" <dnelson@elbrysnetworks.com>
Subject: Re: Guidelines suggested text for checklist:
From: Alan DeKok <aland@nitros9.org>
Date: Fri, 19 Oct 2007 14:54:51 +0200
Cc: radiusext@ops.ietf.org
In-reply-to: <003f01c811b5$0ca8f010$5d1216ac@xpsuperdvd2>
References: <BAY117-F23FDB53BD16CA5177B61E193C10@phx.gbl> <4714AB6C.7000604@deployingradius.com> <004101c80ff3$9f4de150$6401a8c0@NEWTON603> <4714DBE9.7000502@nitros9.org> <003f01c811b5$0ca8f010$5d1216ac@xpsuperdvd2>
User-agent: Thunderbird 2.0.0.6 (X11/20071008)

David B. Nelson wrote:
> Given all the discussion, proposals and counter proposals, I suggest that a
> straw-man draft be made available for additional review, prior to formally
> submitting -01.

  I'll put it online, and post a URL separately.

>       * attributes intended primarily for use within an SDO
>       * attributes intended primarily for use within a group of SDOs.
> 
> DBN: I think what we are saying here is that work not brought to the IETF
> should not request IANA assignments.  We are implicitly reserving the
> IANA-controlled standard RADIUS attribute ID space for use for work
> published via the IETF, or by the Independent RFC-Editor Submission route.
> If that is the case, perhaps we should say so in so many words.

  Yes.  Suggested text:

   Vendors and SDOs are reminded that the standard RADIUS attribute ID
   space, and the enumerated value space for enumerated attributes, are
   reserved for allocation through work published via the IETF, as noted
   in [RFC3575] Section 2.1.  Some vendors and SDOs have historically
   performed self-allocation by assigning vendor-specific meaning to
   "unused" values from the standard RADIUS attribute ID or enumerated
   value space.  This practice MUST NOT be followed.  The IETF process
   discussed above MUST be used instead for allocations from the
   standard spaces.

> DBN:  If the SDOs have an open publication policy, whereby all interested
> parties can obtain a copy of the relevant portions of these standards
> documents, containing the description of RADIUS attributes, this would seem
> redundant.  For example the IEEE, while restricting access to draft
> standards and newly published standards, will typically make the MIB modules
> from their works freely available in text format.

  Good point.

...
>    All other specifications, including new authentication and/or
>    security methods SHOULD be allocated via the standard RADIUS space,
>    via "IETF Consensus" as noted in [RFC3575] Section 2.1.
> 
> DBN: Is this duplicate text, or is the text I've annotated above proposed to
> be replaced by this text?

  I've re-arranged it so that vendors and SDO's have their own sections,
as the guidelines were diverging slightly for them.  As such, some text
is duplicated, with minor edits.  This should be clearer once I post a
proposed draft.

>    Note that the first bullet point above relaxes many of the previous
>    guidelines on data types, but only within a narrowly defined scope.
> 
> DBN:  What exactly do we mean here?  Why are we relaxing previously defined
> guidelines and in what scope?

  I'll post the draft, which will make this clear.

>    Extensions to RADIUS that may not be appropriate for widespread use
>    may be acceptable within a limited context.
> 
> DBN:  This sounds like the start of a slippery slope, especially for a BCP
> document.  :-)

  It's a recognition that site-specific nonsense has a limited scope.

> DBN:  I'm not sure that I can find the most recent text proposed for
> Sections 3.1.1, 3.1.2 and 3.1.3.

  I'll post the draft.

> DBN:  I think it would be useful, however, to insert somewhere among those
> sections a bit of text that describes the "level of care" that is expected
> for RADIUS attributes, encoded as VSAs, but intended for standardization in
> non-IETF SDOs, for use by multiple vendors within an industry segment, or
> within the global Internet community.  I would suggest that the design,
> review and interoperability guidelines for any such VSAs (what I have called
> SSAs) be the same as for full standard RADIUS attributes under IANA
> allocation and IETF review.  The review mechanism would differ, but the
> criteria should not.

  I agree.

> DBN:  Without attempting to specify a particular section, let me suggest
> some additional clarifying text:
...

  OK.  I'll word smith it and integrate it in.

  While I like the term SSA, I'm not sure introducing another acronym
here would help.

  I'll do another pass over the document for consistency and flow of
thought, then post a URL to this list.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- RE: Guidelines suggested text for checklist:
  - From: "Bernard Aboba" <bernard_aboba@hotmail.com>
- Re: Guidelines suggested text for checklist:
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Guidelines suggested text for checklist:
  - From: "David B. Nelson" <d.b.nelson@comcast.net>
- Re: Guidelines suggested text for checklist:
  - From: Alan DeKok <aland@nitros9.org>
- RE: Guidelines suggested text for checklist:
  - From: "David B. Nelson" <dnelson@elbrysnetworks.com>

Prev by Date: Re: Guidelines suggested text for checklist:
Next by Date: RE: Guidelines suggested text for checklist:
Previous by thread: RE: Guidelines suggested text for checklist:
Next by thread: Re: Guidelines suggested text for checklist:
Index(es):
- Date
- Thread