Re: AD review of draft-zorn-radius-pkmv1-04.txt

d(_dot_)b(_dot_)nelson(_at_)comcast(_dot_)net wrote:

Yeah.  I've always been a bit uncomfortable with the "security
functionality" escape clause in the RADIUS Design Guidelines draft. 
Lots of things can reasonably be claimed to be "security related".  I
would have preferred the exception to be crafted a bit narrower, just
for this reason.  But, unless wording of Design Guidelines is changed,
you have a legitimate argument.


  I believe the intent was "related to RADIUS security".  The guidelines
document could be updated to address this.

  RADIUS could transport parameters for *another* protocol.  Those
attributes are not security related.  They either follow the RADIUS data
model (int, IP address, etc.), or they are "opaque data" that RADIUS is
simply transporting on the behalf of the other protocol.

  Alan DeKok.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [TLS] Last Call: draft-ietf-tls-extractor (Keying MaterialExporters for Transport Layer Security (TLS)) to Proposed Standard, Jeffrey A. Williams

Next by Date:

Re: BCP 47 reference (was Re: Last Call: draft-nottingham-http-link-header from digest), Noah Slater

Previous by Thread:

Re: AD review of draft-zorn-radius-pkmv1-04.txt, d . b . nelson

Next by Thread:

RE: review of draft-zorn-radius-pkmv1-04.txt, Bernard Aboba

Indexes:

[Date] [Thread] [Top] [All Lists]