[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Questions on modified Extended Attribute format?

To: Glen Zorn <glenzorn@comcast.net>
Subject: Re: Questions on modified Extended Attribute format?
From: Alan DeKok <aland@nitros9.org>
Date: Thu, 03 Jan 2008 05:13:10 +0100
Cc: radiusext@ops.ietf.org
In-reply-to: <005601c8496f$9e430910$dac91b30$@net>
References: <003401c83a92$db6ed850$924c88f0$@net> <47729084.8060206@nitros9.org> <005d01c847e8$20c81f30$62585d90$@net> <4772A741.40303@nitros9.org> <007e01c847fa$cbae1a00$630a4e00$@net> <47732E9D.4030803@nitros9.org> <00b401c848e0$2f0e9c60$8d2bd520$@net> <4774B67D.7040603@nitros9.org> <005601c8496f$9e430910$dac91b30$@net>
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

Glen Zorn wrote:

> As I said, put that way or any other way you like, ANY change is
> incompatible with existing deployments.  If one were to add a new "standard"
> attribute (in the old format or the proposed VSA-like format or any other)
> it would be incompatible with existing deployments.

  That isn't the point.  Everyone accepts that implementations have to
be updated to handle new standards.  One of the major efforts in RADIUS
has been to maintain backwards compatibility with existing deployments.

  i.e. if a product doesn't implement the new standard, it can still
communicate with products that do implement that standard.

  This proposal breaks that completely.  It will be perfectly legal for
implementations of your proposal to put ALL RADIUS attributes as
grouped, inside of an "extended attribute".  Any NAS that receives such
a response will get a packet containing *nothing* but VSA's.  It will
then decide that there is nothing in the packet that it recognizes, and
will fail.

  i.e. your proposal creates a new protocol that is incompatible with
legacy RADIUS.

> Actually, while the timeframe was long, the discussion wasn't: I've only
> received a couple of comments on it in the last months.  It _did_ take an
> inordinate amount of time to reject the 'Diameterization' of RADIUS,
> though...

  This proposal is no better.  It's worse in many respects.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: Questions on modified Extended Attribute format?
  - From: "Glen Zorn" <glenzorn@comcast.net>
- RE: Questions on modified Extended Attribute format?
  - From: Bernard Aboba <bernard_aboba@hotmail.com>

Next by Date: Review of draft-gaonkar-radext-erp-attrs-02.txt
Next by thread: RE: Questions on modified Extended Attribute format?
Index(es):
- Date
- Thread