Re: request to recharter

["Bernard Aboba" <Bernard_Aboba@hotmail.com>]

>  The "RADIUS over TCP" document could reference existing RADIUS
> practices, and explain in excruciating detail why they won't work for TCP.
>
>  Also, some issues relating to RADIUS PDU's over a stream transport may
> be discussed.  e.g. receiving half a RADIUS packet and then a FIN is
> *not* a problem.
>
> The MIB counters for
> radiusAuthServMalformedAccessRequests should NOT be incremented.  e.g.
> receiving a PDU with malformed attributes means that the TCP connection
> SHOULD be closed.
>
>  Many RADIUS practices related to handling error cases require a PDU to
> be "silently discarded".  This won't work for TCP.  The connection has
> to be closed, too.
>
> The existing RFC's have to be audited, and a new
> document issued which explains the correct behavior.

This sounds like an outline of the issues that need to be handled in the 
RADSEC specification.
Regardless of whether the RADEXT WG ends up adding the RADSEC work to the 
Charter, it
would be useful to include this material in the document. 


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>