Re: [radext] Extended IDs
Alan DeKok <aland@deployingradius.com> Wed, 19 April 2017 01:54 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E5541205F1 for <radext@ietfa.amsl.com>; Tue, 18 Apr 2017 18:54:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q2g8QioqDxBn for <radext@ietfa.amsl.com>; Tue, 18 Apr 2017 18:54:50 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) by ietfa.amsl.com (Postfix) with ESMTP id 6D6E31200DF for <radext@ietf.org>; Tue, 18 Apr 2017 18:54:50 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.networkradius.com (Postfix) with ESMTP id A5EC41A89; Wed, 19 Apr 2017 01:54:49 +0000 (UTC)
Received: from mail.networkradius.com ([127.0.0.1]) by localhost (mail-server.vmhost2.networkradius.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id taD5fZ3fnOvS; Wed, 19 Apr 2017 01:54:49 +0000 (UTC)
Received: from [192.168.120.42] (23-233-24-114.cpe.pppoe.ca [23.233.24.114]) by mail.networkradius.com (Postfix) with ESMTPSA id 15C9F5B6; Wed, 19 Apr 2017 01:54:48 +0000 (UTC)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <6c0d923f-d27d-16f7-c1bc-65c96b98f228@cisco.com>
Date: Tue, 18 Apr 2017 21:54:47 -0400
Cc: radext@ietf.org, Naiming Shen <naiming@cisco.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <45205539-2F5B-4512-A40E-EF6B28E1A6A3@deployingradius.com>
References: <361AC9F2-4CFE-46D5-A893-CBEDAFFA85B8@deployingradius.com> <af16dfe3-f134-0478-6a02-f73699ecdb02@cisco.com> <1767D4FB-29BB-4E91-9339-1B40F3D3FC91@deployingradius.com> <6c0d923f-d27d-16f7-c1bc-65c96b98f228@cisco.com>
To: Enke Chen <enkechen@cisco.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/DRHNW85p7TeHKRPL-lUDrpvYyWk>
Subject: Re: [radext] Extended IDs
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Apr 2017 01:54:52 -0000
On Apr 18, 2017, at 8:52 PM, Enke Chen <enkechen@cisco.com> wrote: > That is a different protocol :-) For better or worse RADIUS is not going away in > enterprise anytime soon. What I mean is that extending the Code space has already been done in Diameter. There is no need to do it in RADIUS. Even worse, if there *is* a need to do it in RADIUS, the answer should be "don't do it, just use Diameter". >> The issue is solving one problem at a time. There is no *current* need to extend >> the Code space. Therefore, there shouldn't be a proposal to extend it. > > I have to disagree. I do not see any benefits with the piecemeal approach in this > case. It's about doing what's necessary. It's not necessary to extend the Code space at this time. Therefore, it shouldn't be done. > There are tradeoffs. The question is, do we really want to burn another attribute > when one can do? I would think that we want to preserve the attribute space and > learn from the past. My $0.02 is that a simpler approach will work just as well. > "minor" vs "major" is just opinion, right? Also is there some IETF rule that > states that a particular field can not be touched (even when needed), especially > when it is done in a backward compatible way? It's at least convention. I've had enough discussion with people that I think there is wide-spread consensus that major changes to RADIUS won't be approved. > I think that we will be better served if we just speak for ourselves (instead of > for someone else or IESG), and stay on the technical issues. I've given my technical review of the document. > Again, you consider this ID enlargement as "major", and I do not, but that does not > really matter. RADIUS is not going away anytime soon, and we have to keep addressing > issues we face. I guess that is the reason this WG still exists. Yes... that's not my point. My point is that we've been patching RADIUS in minor ways for a long time now. That's unpleasant, but part of real-world engineering. Major changes to RADIUS have wide-spread opposition in the IETF. You don't need to convince me that the changes will be OK. You need to convince everyone else. Alan DeKok.
- [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Alan DeKok
- Re: [radext] Extended IDs Enke Chen
- Re: [radext] Extended IDs Alan DeKok