Dan Harkins wrote:
Yea, mapping by Username might be better. Oone reason is that you
could develop a rational searching strategy to identify keys if you
indexed with something like "Username". That is a great suggestion and
a useful alternative to what is in the draft now. I would support such
a change.
It is also existing practice. The term "hotlining" refers to the
process of pro-actively kicking a user offline after they have
previously been authenticated.
ERX has to be able to support this practice. It has to be able to
delete *all* keys associated with a particular user/cui/session, so that
those keys can no longer be used to obtain network access.
Alan DeKok.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
http://www.ietf.org/mailman/listinfo/ietf