On Jan 7, 2010, at 4:54 PM, Joseph Salowey (jsalowey) wrote:
[Joe] Regardless of whether it changes the basic processing model of RADIUS or not, the processing of "string" attribtues has the same security implications of complex attributes.
That presumes that "string" attributes should be processed. If the the only operations performed on strings are to compare them for match with other strings, they're not much risk. It's when you assume that strings are more than simply names in some namespace that you can get into trouble.
-- to unsubscribe send a message to radiusext-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/radiusext/>