Hi,

> I'm extremely pleased to hear that! For example, I'm inclined to think
> that TLSoSCTP might be a choice far less destructive of RADIUS semantics
> than TLSoTCP...

SCTP was also considered, and in fact the Radiator implementation also offers SCTP as an option. The choice for TCP was a rather pragmatic one. SCTP is available on fewer platforms and the implementations appeared to be a bit more flaky - e.g. the SCTP implementation in Linux has had several DoS advisories, and I for one wouldn't want to rely on it yet.

Regarding platforms: that LANCOM Access Point implementation wouldn't exist if SCTP had been the transport - to the best of my knowledge, that feature is not even anywhere near their radar. So, the choice was to concentrate on something that works today and almost everywhere.

If I take a look at how Diameter approached this: clients TCP and optional SCTP, servers both required: if we were to follow that, we'd still have to deal with all the complexities of TCP and add on top of that SCTP. And I'm not sure that trying SCTP first and falling back to TCP if that doesn't work really fits the KISS mantra of the IETF.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter@restena.lu
Tel.: +352 424409-1
http://www.restena.lu
Fax: +352 422473