[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Re: RADIUS

To: Russ Housley <housley@vigilsec.com>
Subject: Re: Fwd: Re: RADIUS
From: Bernard Aboba <aboba@internaut.com>
Date: Sat, 3 May 2003 08:23:21 -0700 (PDT)
Cc: iesg@ietf.org
In-reply-to: <5.2.0.9.2.20030502160205.033a0ca0@mail.binhost.com>
References: <5.2.0.9.2.20030502160205.033a0ca0@mail.binhost.com>

> Would it be unreasonable to ask such people to generate a companion AAA
> draft at the same time, to show the way forward?

Assuming that there is empirical evidence that a AAA-based approach to the
problem makes sense, and there is some thought about the security issues,
and a volunteer to write the draft, sure.

BTW, when the phrase "RADIUS is dead" or "the IETF is done with RADIUS" is
used, my eperience is that this is typically used to justify why a
particular "extension" should not be subjected to IETF review. We've just
gone through a review of the 3GPP2 Credit Control document for Diameter,
which is based on a RADIUS "extension" that appears to qualify as Level 2
RADIUS Abuse (it cannot work reliably). So not only will 3GPP2 probably
need to redo their pre-paid RADIUS specification, but the Diameter
specification has some of the same problems, too. All in all, if the
documents had been brought to the IETF first, the whole process would have
been considerably shortened (and implementations in progress would not
need to be rewritten).

References:
- Fwd: Re: RADIUS
  - From: Russ Housley <housley@vigilsec.com>

Prev by Date: Re: HEELLLLOOOOOO: - Re: FW: Application for port-number (moretech)
Next by Date: Re: New liaison to the IAB from the IESG: Bert Wijnen
Previous by thread: Re: Fwd: Re: RADIUS
Next by thread: Expediting the w3d URN processing
Index(es):
- Date
- Thread