[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issue 272 resolution

To: Glen Zorn <glenzorn@comcast.net>
Subject: Re: Issue 272 resolution
From: Alan DeKok <aland@deployingradius.com>
Date: Mon, 13 Oct 2008 14:01:44 +0200
Cc: 'radext mailing list' <radiusext@ops.ietf.org>
In-reply-to: <008301c92d22$c66ba090$5342e1b0$@net>
References: <003c01c92c2a$f6316290$e29427b0$@net> <48F1A0FE.4090106@deployingradius.com> <004d01c92c4c$77879280$6696b780$@net> <48F2E276.3080109@deployingradius.com> <007d01c92cf9$2b09c830$811d5890$@net> <48F2EB58.6080503@deployingradius.com> <007e01c92d03$52a819f0$f7f84dd0$@net> <48F30A8A.9090303@deployingradius.com> <007f01c92d16$62b24330$2816c990$@net> <48F31882.2020003@deployingradius.com> <008301c92d22$c66ba090$5342e1b0$@net>
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

Glen Zorn wrote:
> I could have sworn that 272 was pretty clear.  Oh, well.  As noted above,
> the Extended Attributes use a format directly derived from RFC 2865 VSAs
> (the only difference is the addition of the 'More' and 'Tag' fields.  RFC
> 2865 states:

  Well, yes.  I have read that from time to time.

> Note the words "a sequence of vendor type / vendor length / value fields";
> vendor Type/Length/Value == TLV, I'm not inventing any new terminology here.
> There's just one problem with this definition, it doesn't allow the
> assignment of a overall type (or name, if you like)  to a VSA that consists
> of multiple TLVs.

  RADIUS has (historically) had a flat name-space.  VSA's have always
allowed multiple TLV's in them.  There hasn't been a naming issue.

  RADIUS has historically *not* allowed nested data types.  IIRC, the WG
has expressed concern about it.  You seem to be proposing exactly
this... a data type which allows attributes to be encoded in it.

>  This is understandable because IIRC the reason multiple
> TLVs were allowed was just to conserve space in the packet.  It is that
> problem that I'm attempting to solve with a simple 2 layer hierarchy of
> grouping: tags group related Extended Attributes, while Extended Attributes
> group related TLVs.

  So the 'extended attribute type" is really an encapsulation for
*another* layer of TLV's.  Is that right?

>  Both types of groupings are optional.  My suggestion is
> to adopt an 8-bit type for both Extended Attributes and TLVs (I hope that
> we've established the meaning of "TLV" now).  Actually, to do it right, one
> would need a "More" flag in TLVs, too, however.

  I understand the acronym "TLV".  I wish to heck I understood *which*
TLV you're referring to, and *what* it does.

  Can you give examples?  Please?  Pointing to the MS-CHAP documents
doesn't help, as they have manifestly been transported through RADIUS
for over a decade.  Repeating that they're TLV's is obviously not
helping me.

  Examples?  If it's so obvious what they are, examples should be
trivial to create.  If the examples are difficult to create, then it
would seem that they have no real-world use.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: Issue 272 resolution
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: Issue 272 resolution
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: Issue 272 resolution
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: Issue 272 resolution
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: Issue 272 resolution
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Issue 272 resolution
  - From: "Glen Zorn" <glenzorn@comcast.net>

Prev by Date: RE: Issue 272 resolution
Next by Date: RE: REMINDER: RADEXT WG Last Call on "Crypto-Agility Requirements for RADIUS"
Previous by thread: RE: Issue 272 resolution
Next by thread: RE: Issue 272 resolution
Index(es):
- Date
- Thread