[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Review of Management Authorization -00 document

To: <Bernard_Aboba@hotmail.com>, <radiusext@ops.ietf.org>
Subject: RE: Review of Management Authorization -00 document
From: "David B. Nelson" <d.b.nelson@comcast.net>
Date: Mon, 19 Nov 2007 02:11:27 -0500
In-reply-to: <BAY117-DS31CD83DC4DB030DBD79D2937E0@phx.gbl>
References: <BAY117-F27713262C7B703C9D83BD193880@phx.gbl> <000a01c8208a$ebde28c0$091716ac@xpsuperdvd2> <092b01c82a03$f70a1240$6401a8c0@NEWTON603> <BAY117-DS356E6A3236C5C6875271A937D0@phx.gbl> <0ba901c82a68$193ca7b0$6401a8c0@NEWTON603> <BAY117-DS31CD83DC4DB030DBD79D2937E0@phx.gbl>

> > It would probably mean telnet, although it could also mean some
> > other form of remote terminal service (e.g. rlogin).  It would 
> > certainly mean "over TLS".
> 
> I think that the meaning needs to be well defined.

Hmmm.  The NAS-Prompt Service-Type works for all of: local console
connections, telnet, rlogin, ssh, (and more) remote connections.  The only
thing we are trying to specify here is whether the remote terminal service
is being carried over a secure transport.  Do we really care what the
application layer protocol is?  I think that what we care about is whether
it over a secure or non-secure transport.

This feature relies on the authorization module of the NAS being aware of
the transport layer being used by the remote terminal connection, and
ensuring that it matches the provisioned parameters.

For SSH and TLS I believe that is possible.




--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: Review of Management Authorization -00 document
  - From: <Bernard_Aboba@hotmail.com>

References:
- Review of Management Authorization -00 document
  - From: "Bernard Aboba" <bernard_aboba@hotmail.com>
- RE: Review of Management Authorization -00 document
  - From: "David B. Nelson" <dnelson@elbrysnetworks.com>
- RE: Review of Management Authorization -00 document
  - From: "David B. Nelson" <d.b.nelson@comcast.net>
- Re: Review of Management Authorization -00 document
  - From: <Bernard_Aboba@hotmail.com>
- RE: Review of Management Authorization -00 document
  - From: "David B. Nelson" <d.b.nelson@comcast.net>
- Re: Review of Management Authorization -00 document
  - From: <Bernard_Aboba@hotmail.com>

Prev by Date: Re: Review of Management Authorization -00 document
Next by Date: RE: Review of Management Authorization -00 document
Previous by thread: Re: Review of Management Authorization -00 document
Next by thread: Re: Review of Management Authorization -00 document
Index(es):
- Date
- Thread