[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"

To: Glen Zorn <glenzorn@comcast.net>
Subject: Re: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
From: Alan DeKok <aland@deployingradius.com>
Date: Thu, 14 Aug 2008 21:26:52 +0200
Cc: 'Stefan Winter' <stefan.winter@restena.lu>, radiusext@ops.ietf.org
In-reply-to: <004f01c8fe33$ed1b84d0$c7528e70$@net>
References: <Pine.LNX.4.64.0808131905510.24114@internaut.com> <48A40157.2050706@restena.lu> <000701c8fdfe$5e220ef0$1a662cd0$@net> <EDC652A26FB23C4EB6384A4584434A04ECC5A7@307622ANEX5.global.avaya.com> <48A419C8.2030308@restena.lu> <004f01c8fe33$ed1b84d0$c7528e70$@net>
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

Glen Zorn wrote:
>> Alan's wording "The More Flag MUST NOT be set if the Length is less
>> than
>> 255." sounds good to me.
> 
> My point was that making these kinds of rules is pointless: if someone wants
> to split "Hello" into 5 separate attributes they either have a very good
> reason to do so that none of us can foresee or they will soon be finding
> gainful employment in a different field.  In any case, it's not possible to
> protect people from their own stupidity (besides, they could still do it
> with tags).

  It's only one sentence.  And it will stop the stupid people from
afflicting everyone else.

  RFC 2865 has comments saying:

      The secret MUST NOT be empty (length 0) since this would allow
      packets to be trivially forged.

  Which were inserted because of real-world exposure to implementations
having *no* configuration for shared secrets. (i.e. they were always NUL).

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: "Glen Zorn" <glenzorn@comcast.net>

References:
- REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: Bernard Aboba <aboba@internaut.com>
- Re: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: Stefan Winter <stefan.winter@restena.lu>
- RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: "Glen Zorn" <glenzorn@comcast.net>
- RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
- Re: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: Stefan Winter <stefan.winter@restena.lu>
- RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
  - From: "Glen Zorn" <glenzorn@comcast.net>

Prev by Date: Re: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
Next by Date: RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
Previous by thread: RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
Next by thread: RE: REMINDER: RADEXT WG Last call on "Extended RADIUS Attributes"
Index(es):
- Date
- Thread