Re: [radext] Extended IDs
Alan DeKok <aland@deployingradius.com> Thu, 14 December 2017 02:05 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A6681279EB for <radext@ietfa.amsl.com>; Wed, 13 Dec 2017 18:05:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y3V7dL_7BEEZ for <radext@ietfa.amsl.com>; Wed, 13 Dec 2017 18:05:41 -0800 (PST)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) by ietfa.amsl.com (Postfix) with ESMTP id B945B127517 for <radext@ietf.org>; Wed, 13 Dec 2017 18:05:41 -0800 (PST)
Received: from [192.168.2.9] (198-84-205-59.cpe.teksavvy.com [198.84.205.59]) by mail.networkradius.com (Postfix) with ESMTPSA id 6F4504D6; Thu, 14 Dec 2017 02:05:40 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <B319648D-4732-418C-A87A-11B02FE39A7F@jisc.ac.uk>
Date: Wed, 13 Dec 2017 21:05:38 -0500
Cc: "radext@ietf.org" <radext@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <9E698F12-57CD-4E3F-B100-5A7AF2D20108@deployingradius.com>
References: <fef698a5-9802-c9be-04d7-1e869651c988@restena.lu> <dfd0ff02-c9e8-7253-4fb4-1e6def3e93b2@restena.lu> <933E6F70-A7C1-4168-9AC9-F925EF78D9E2@jisc.ac.uk> <AE2036D0-1294-45B5-A0D7-16F91E0B4248@cisco.com> <B319648D-4732-418C-A87A-11B02FE39A7F@jisc.ac.uk>
To: Adam Bishop <Adam.Bishop@jisc.ac.uk>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/1LGo3mpcvboCQwPv_PvvaSoRvhQ>
Subject: Re: [radext] Extended IDs
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2017 02:05:44 -0000
On Dec 13, 2017, at 5:38 PM, Adam Bishop <Adam.Bishop@jisc.ac.uk> wrote: > Somewhere in the thread simpler debugging was cited as a desirable property of draft-chen - I’m not sure I grasped the argument though. What makes a byte string in the header more difficult to validate/printf than an byte string encapsulated in a TLV? I think the opinion is that looking at one packet, an *explicit* Extended-ID attribute is easier to see than the idea that the Request Authenticator is *implicitly* also used as an ID. But... it's 2017. There are many, many, solutions for correlating requests and responses. Doing this in software is easy. There are many free / open source products that will be available. And both proposals will confuse existing packet sniffing software. That can't be helped, unfortunately. Alan DeKok.
- [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Acee Lindem (acee)
- Re: [radext] Extended IDs Robert Raszuk
- Re: [radext] Extended IDs Jakob Heitz (jheitz)
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Jakob Heitz (jheitz)
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Astrid Smith
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Stig Venaas
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Arran Cudbard-Bell
- Re: [radext] Extended IDs peter
- Re: [radext] Extended IDs Bernard Aboba
- Re: [radext] Extended IDs Alan DeKok
- [radext] FW: Extended IDs Albert Tian
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Brian Weis (bew)
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Brian Weis (bew)
- Re: [radext] Extended IDs David Carrel
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Adam Bishop
- Re: [radext] Extended IDs Jun Zhuang
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Jakob Heitz (jheitz)
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Naiming Shen (naiming)
- Re: [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Peter Deacon
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Acee Lindem (acee)
- Re: [radext] Extended IDs Adam Bishop
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Acee Lindem (acee)
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Acee Lindem (acee)
- Re: [radext] Extended IDs Stefan Winter
- Re: [radext] Extended IDs Alexander Clouter