Updates to the guidelines document.

[Alan DeKok <aland@deployingradius.com>]

  As noted at IETF 73, we should likely update the guidelines document
to include a note on the Called-Station-Id attribute.  RFC 3580 defines
it to contain two independent fields: MAC and SSID.  As this is a
complex type not used for security or authentication, it should be
listed in Appendix B.

  Suggested text is below.  If there are no objections, it can go into
the next revision of the document.

  Alan DeKok.


---
B.8. Called-Station-Id

   [RFC3580] Section 3.20 defines a format for the Called-Station-Id
   Attribute which can be sent by a RADIUS client:

      For IEEE 802.1X Authenticators, this attribute is used to store
      the bridge or Access Point MAC address in ASCII format (upper case
      only), with octet values separated by a "-".  Example:
      "00-10-A4-23-19-C0".  In IEEE 802.11, where the SSID is known, it
      SHOULD be appended to the Access Point MAC address, separated from
      the MAC address with a ":".  Example "00-10-A4-23-19-C0:AP1".

   The sub-fields encoded in this attribute are independent, and do not
   carry security or authentication data.  This use of a complex text
   type is therefore NOT RECOMMENDED.  Future specifications SHOULD NOT
   use similar methods to pack multiple fields of type text into one
   text attribute.  This specification should have instead defined a new
   attribute to contain the SSID.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>