[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-chiba compatibility with Diameter review of Chiba 19

To: Bernard Aboba <aboba@internaut.com>
Subject: Re: draft-chiba compatibility with Diameter review of Chiba 19
From: "Murtaza S. Chiba" <mchiba@cisco.com>
Date: Tue, 13 May 2003 13:56:25 -0700
Cc: Avi Lior <avi@bridgewatersystems.com>, "'aaa-wg@ietf.org'" <aaa-wg@ietf.org>, "'gdommety@cisco.com'" <gdommety@cisco.com>, "'meklund@cisco.com'" <meklund@cisco.com>, "'david@mitton.com'" <david@mitton.com>, "'iesg@ietf.org'" <iesg@ietf.org>, "'jari.arkko@piuha.net'" <jari.arkko@piuha.net>
In-reply-to: <Pine.LNX.4.53.0305131325320.26228@internaut.com>
References: <F17FB067A86B2D488382C923C532EAA746E942@exch01.bridgewatersys.com> <Pine.LNX.4.53.0305131131580.19806@internaut.com> <3EC158A5.8040303@cisco.com> <Pine.LNX.4.53.0305131325320.26228@internaut.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3b) Gecko/20030211

Bernard Aboba wrote:

Hi ALl,
	If I understand this correctly the Authorize-Only triggers the NAS to
send an Access-Request (after the NAK).  Since, username contains
domain, this is not enough as a domain could have multiple servers for
redundancy and this request needs to go back to a particular server(?)
and hence we need the State attribute?


It is possible that the State Attribute will be needed. Use is optional.

Fair enough, but I am trying to understand the usefulness of the State Attribute. What specific problem does its use solve? Also, if the originator is not the recipient of the Access-Request, then the security implications need to be worked out, ie. do you trust the Access-Accept? Maybe it SHOULD be restricted to the originator??

THanks,
Murtaza

References:
- RE: draft-chiba compatibility with Diameter review of Chiba 19
  - From: Avi Lior <avi@bridgewatersystems.com>
- RE: draft-chiba compatibility with Diameter review of Chiba 19
  - From: Bernard Aboba <aboba@internaut.com>
- Re: draft-chiba compatibility with Diameter review of Chiba 19
  - From: "Murtaza S. Chiba" <mchiba@cisco.com>
- Re: draft-chiba compatibility with Diameter review of Chiba 19
  - From: Bernard Aboba <aboba@internaut.com>

Prev by Date: RE: draft-chiba compatibility with Diameter review of Chiba 19
Next by Date: RE: draft-chiba compatibility with Diameter review of Chiba 19
Previous by thread: Re: draft-chiba compatibility with Diameter review of Chiba 19
Next by thread: RE: draft-chiba compatibility with Diameter review of Chiba 19
Index(es):
- Date
- Thread