Re: Issue with Guidelines document

[Alan DeKok <aland@deployingradius.com>]

Bernard Aboba wrote:
> Yes.   VSAs are allowed  Presumably this would also include 
> Extended Attributes?

  Likely, yes.

> Since this document is a BCP, not an update to RFC 2866, it can quote from
> existing RFCs, but shouldn't modify them.
> 
> So it's ok to add an item to Section 3.3 about not including standard RADIUS
> attributes beyond Proxy-State in Accounting-Responses, using a quote
> from RFC 2866 Section 5.13 for justification.  Since RFC 2866 allows VSAs,
> I don't think they can or should be prohibited in this document.

  Maybe make them NOT RECOMMENDED?

  Ongoing discussion indicates that people are using them to implement
CoA behavior.  i.e. changes to billing, bandwidth, etc.  Because "doing
CoA is too hard".

  Also, making changes to user sessions as a result of VSA's in an
Accounting-Response should be NOT RECOMMENDED.  Implementors SHOULD use
CoA instead.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>