Re: Consensus Call on RADEXT WG re-charter

["David B. Nelson" <dnelson@elbrysnetworks.com>]

Matt Holdrege wrote:

> As far as backwards compatibility is concerned, I hope everyone realizes 
> that RADIUS is an extremely well installed **SERVICE** and a completely 
> new **SERVICE** would be a waste of everyone’s time. People can scream 
> and yell about having to twiddle bits in their servers and proxies but I 
> don’t care. It is the clients that you should really be concerned with.

Right.  While I think the RADSEC folks indicate they have some client 
implementations, my impression of the work is that its more useful 
between the first-hop proxy and the home server.

For the RADESC folks: Is there any reason that the first-hop proxy 
couldn't terminate a RADIUS (RADIUS over UDP) session with the NAS and 
originate a RADSEC (RADIUS over TLS/TCP) session with the up-stream 
proxies or home server?



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>