[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Questions on TCP port usage for RADIUS/TLS

To: Alan DeKok <aland@deployingradius.com>
Subject: Re: Questions on TCP port usage for RADIUS/TLS
From: Mike McCauley <mikem@open.com.au>
Date: Tue, 21 Dec 2010 08:16:57 +1000
Cc: Stefan Winter <stefan.winter@restena.lu>, "radiusext@ops.ietf.org" <radiusext@ops.ietf.org>
In-reply-to: <4D0F7E2C.9090200@deployingradius.com>
Organization: Open System Consultants
References: <4D0F518B.2020706@restena.lu> <4D0F7E2C.9090200@deployingradius.com>
User-agent: KMail/1.9.10

Hi,

I agree with Alan on all points.

Cheers.

On Tuesday 21 December 2010 02:02:52 am Alan DeKok wrote:
> Stefan Winter wrote:
> > So, there is a good reasoning on why three distinct ports would make
> > sense. The only problem is: none of the existing implementations does it
> > that way; so there is no running code yet. The question thus is:
>
>   IIRC, the implementations are capable of listening on multiple ports
> at the same time.  This allows then to listen on 3 ports, even if they
> *also* accept all packet codes on each of those ports.
>
> > ** As an implementor, do you think changing the spec towards three
> > separate ports is reasonable, and do you think you would adapt your
> > implementation? **
>
>   I prefer fewer ports.  Adapting the implementation is easier than
> adapting the spec. :)
>
> > ** If you had to choose between the aforementioned decision points a) or
> > b) , which one would you prefer as an implementor? **
>
>   I'd prefer to re-use TCP/1812, TCP/1813, and TCP/3699 for TLS.
>
>   Alan DeKok.
>
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>



-- 
Mike McCauley                               mikem@open.com.au
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- Re: Questions on TCP port usage for RADIUS/TLS
  - From: Alan DeKok <aland@deployingradius.com>

Prev by Date: Re: Questions on TCP port usage for RADIUS/TLS
Next by Date: Fwd: Re: Questions on TCP port usage for RADIUS/TLS
Previous by thread: Re: Questions on TCP port usage for RADIUS/TLS
Next by thread: Fwd: Re: Questions on TCP port usage for RADIUS/TLS
Index(es):
- Date
- Thread