[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WG Review: Recharter of RADIUS Extensions Working Group (radext)

To: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
Subject: Re: WG Review: Recharter of RADIUS Extensions Working Group (radext)
From: Alan DeKok <aland@deployingradius.com>
Date: Wed, 14 May 2008 14:58:43 +0200
Cc: iesg@ietf.org, Bernard_Aboba@hotmail.com, d.b.nelson@comcast.net, radiusext@ops.ietf.org
In-reply-to: <EDC652A26FB23C4EB6384A4584434A04BF9DB3@307622ANEX5.global.avaya.com>
References: <20080513220001.D52A63A6923@core3.amsl.com> <EDC652A26FB23C4EB6384A4584434A04BF9DB3@307622ANEX5.global.avaya.com>
User-agent: Thunderbird 2.0.0.14 (X11/20080502)

Romascanu, Dan (Dan) wrote:
> I suggest to consider the comments from Magnus during the IESG/IAB
> internal review as IETF review comments and address them. 
...
> > - All documents produced MUST specify means of interoperation with
> > legacy RADIUS implementations and, if possible, be backward
> > compatible with existing RADIUS RFCs, ...

> I kind of find this formulation interesting. So implementations are
> actually more important then any of the specifications? So if I claim
> that I have a implementation which doesn't follow the specs for that
> they still can be used as an argument to affect the new extensions?

  Maybe just "... interoperation with legacy RADIUS and, if possible..."

  i.e. delete "implementations".

> I made a quick scan at RFC 2865. Are there any real definition of how
> the UDP retransmission timers should look?

  RFC 5080 Section 2.2.1 defines these timers.

> In addition, is it congestion problems or the message size that makes
> one go towards TCP?

  I think that the main one is message size.  While there may not be a
need to increase the 4k maximum packet size for RADIUS, there are many
broken firewalls and routers out there.  UDP packets that are 4k in size
may be fragmented at the IP layer, and may not make it intact across the
network.  Using TCP for transport means that the RADIUS packets are
fragmented across multiple TCP packets, but that the IP packets are not
fragmented.

  In addition, TCP can have faster feedback than UDP when a connection
goes down.  This can help minimize delays on failover.

> I wonder if  you need to have some clean up of the UDP based
> transport rules for radius when you anyway are in the process?

  Many transport rules for RADIUS were updated in RFC 5080.  I'm not
sure any more changes are required.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
  - From: "Glen Zorn" <glenzorn@comcast.net>

References:
- WG Review: Recharter of RADIUS Extensions Working Group (radext)
  - From: IESG Secretary <iesg-secretary@ietf.org>
- RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
  - From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>

Prev by Date: RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
Next by Date: RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
Previous by thread: RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
Next by thread: RE: WG Review: Recharter of RADIUS Extensions Working Group (radext)
Index(es):
- Date
- Thread