[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Status of Issue 225

To: "'Alan DeKok'" <aland@deployingradius.com>, "'Bernard Aboba'" <bernard_aboba@hotmail.com>, "'radext mailing list'" <radiusext@ops.ietf.org>
Subject: RE: Status of Issue 225
From: "Glen Zorn" <glenzorn@comcast.net>
Date: Thu, 13 Nov 2008 16:53:13 -0600
In-reply-to: <491C1028.5020806@deployingradius.com>
References: <BLU137-W27AB3F1090DBDFB1041C38931C0@phx.gbl> <491C1028.5020806@deployingradius.com>

> Bernard Aboba wrote:
> > During the RADEXT WG last call on the RADIUS Extended Attributes
> draft,
> > you filed Issue 225:
> > http://www.drizzle.com/~aboba/RADEXT/
> >
> > The editor of the document, Glen Zorn, has now listed Issue 225 as
> > resolved.  However, before
> > closing this issue, we wanted to get your consent.   Please send a
> note
> > to the RADEXT WG
> > mailing list indicating whether Issue 2225 is in fact resolved to
> your
> > satisfaction, and if not,
> > what portion of the issue remains outstanding.  The latest version of
> > the Extended Attributes
> > document is available for inspection here:
> > http://tools.ietf.org/html/draft-ietf-radext-extended-attributes-05
> 
>   The issue that still need addressing are:
> 
> --
> Section 4:
> ...
>  I suggest also noting that "Extended-Length = Length - 6".  Otherwise,
> it becomes theoretically possible for them to have conflicting values
> ---
> 
>   It is not *ridiculously* clear from the current document that
> "Length"
> and "Extended-Length" are strongly related.  

Maybe not to you...

> I suggest a MUST:
> 
> --
>    Ext-Len
> 
>       >= 3.  The length of the Type-Length-Value tuple in octets,
>       including the Ext-Type, Ext-Len and Value fields.  The contents
>       of the Ext-Len field MUST be 6 less than the contents of the
>       Length field.  That is: Ext-Len = Length - 6.
> --
> 

This would disallow the presence of multiple AVPs in a single attribute.
Are you claiming "WG Consensus" for this massive change?  

>   Experience shows that without this text, people will create
> attributes
> that don't satisfy this criteria... and claim they're standards
> compliant.

This comment is fascinating.  What, exactly, is the "experience" you are
talking about?  Are there already multiple implementations of the extended
attributes?  Have you perfected time travel?  

> 
> --
>   Also, attributes generated by a client or server MUST NOT be
> fragmented at boundaries other than 246 octets.  Doing so would
> decrease
> the efficiency of packing.  Robust implementations SHOULD support
> receiving attributes fragmented at non-246 octet boundaries.
> --
> 
>   The only reference to 246 octets in the document says that attributes
> *can* be fragmented at 246 octets.  It doesn't forbid fragments smaller
> than that.
> 
>   Experience shows that without this text, people will create short
> fragments, causing problems for everyone else.

More "experience".  Where does this "experience" come from?  The only
problems caused will be for those who wrote code that can't handle fragments
< 246 in length.

> 
>   Alan DeKok.
> 
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: Status of Issue 225
  - From: Alan DeKok <aland@deployingradius.com>
- RE: Status of Issue 225
  - From: "Bernard Aboba" <Bernard_Aboba@hotmail.com>

References:
- Re: Status of Issue 225
  - From: Alan DeKok <aland@deployingradius.com>

Prev by Date: RE: Status of Issue 278
Next by Date: RE: Status of Issue 225
Previous by thread: Re: Status of Issue 225
Next by thread: RE: Status of Issue 225
Index(es):
- Date
- Thread