[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Last Look" at the RADIUS Design Guidelines document



On Jan 7, 2010, at 4:54 PM, Joseph Salowey (jsalowey) wrote:

[Joe] Regardless of whether it changes the basic processing model of
RADIUS or not, the processing of "string" attribtues has the same
security implications of complex attributes.

That presumes that "string" attributes should be processed. If the the only operations performed on strings are to compare them for match with other strings, they're not much risk. It's when you assume that strings are more than simply names in some namespace that you can get into trouble.





--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>