Re: Questions on modified Extended Attribute format?

[Alan DeKok <aland@nitros9.org>]

Glen Zorn wrote:
> I understand, & sympathize; I think that it's important to remember that a
> major reason that we ended up in the position of having multiple external
> SDOs defining their own mutually incompatible VSAs is that we (the IETF)
> refused to address RADIUS' problems in a useful and meaningful way.  We have
> an opportunity now to ameliorate if not solve that problem; I don't think
> that we should pass it up.

  If we're going to re-design the attribute format from scratch again,
I'd like to know what we've accomplished in the past year.  There were
proposals that were ugly, but solved almost all of the concerns that
were raised.  This includes the ability to group legacy RADIUS
attributes in a "new" format.

  The one show-stopper I see is putting standard RADIUS attributes into
a VSA.  If this has *zero* impact on implementations that don't
understand the new format, then it would be acceptable.  Otherwise, it's
an incompatible change to RADIUS.

  If we can't put standard attributes into the new format, then we
should just pick a better format, and ideally one that's been deployed.
 The WiMAX format (plus grouping) seems to fit that definition fairly well.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>