RE: Consensus Call on RADEXT WG re-charter

["Glen Zorn" <glenzorn@comcast.net>]

owner-radiusext@ops.ietf.org <> scribbled on Wednesday, April 16, 2008
11:20 PM:

> There is a very interesting thing happening here with the
> notion of adding a new transport to RADIUS: specifically
> TCP/TLS transport to RADIUS.
> 
> In recent experiences in other SDOs people were concerned
> about the scalability of Diameter.  Specifically, in the hot
> arena of Femto Cells and Diameter, people were wondering how a
> diameter server would maintain 100,000 plus connections with
> the femtos.  This without using multiple servers.
> 
> So here we are thinking about perhaps introducing a UDP
> transport or something equivalent for the Diameter server --
> at least for that first hop between the femto cell in your
> home and the operator's site.
> 
> Perhaps the right approach for these protocols is to allow
> them to utilize the correct transport for the job at hand.
> Having no choice is seemingly problematic.

Good point.  On that note, it seems that RadSec (as currently specified)
creates one new option but eliminates another.  Would it be worthwhile
defining RADIUS over TCP, & then how to use TLS to protect it?

...



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>