Re: [radext] Basic question about user-name attribute
Alan DeKok <aland@deployingradius.com> Sat, 10 November 2018 19:07 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C683D128CE4 for <radext@ietfa.amsl.com>; Sat, 10 Nov 2018 11:07:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fEz5-z5ia7hH for <radext@ietfa.amsl.com>; Sat, 10 Nov 2018 11:07:05 -0800 (PST)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) by ietfa.amsl.com (Postfix) with ESMTP id 0A88A124408 for <radext@ietf.org>; Sat, 10 Nov 2018 11:07:04 -0800 (PST)
Received: from [192.168.46.58] (198-84-237-221.cpe.teksavvy.com [198.84.237.221]) by mail.networkradius.com (Postfix) with ESMTPSA id BE3DA31C; Sat, 10 Nov 2018 19:07:03 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.0 \(3445.100.39\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CALSGxMPXsNXWOS8V+GHVg7h-QR0NausRczdHV_T-bDUu-TKukA@mail.gmail.com>
Date: Sat, 10 Nov 2018 14:07:02 -0500
Cc: radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <AF579236-EAFC-4151-9C59-F246761916BA@deployingradius.com>
References: <CALSGxMPXsNXWOS8V+GHVg7h-QR0NausRczdHV_T-bDUu-TKukA@mail.gmail.com>
To: Fadi Bushnaq <zardoss@gmail.com>
X-Mailer: Apple Mail (2.3445.100.39)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/E1g5_VyB6wg5SGylqClCv0fLFTc>
Subject: Re: [radext] Basic question about user-name attribute
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Nov 2018 19:07:07 -0000
On Nov 10, 2018, at 5:36 AM, Fadi Bushnaq <zardoss@gmail.com> wrote: > > I hope this is the right place to post such questions Yes. > From RFC 2865 section 5.1, user-name MUST be sent in access-request packets and MAY be sent in access-accept. > > The question is, in case it is decided to include this attribute in the access-accept packet, does it have to be identical to the value received in the access-request relative to the same session or can it be different? I suspect that the intention was for the values to be identical. Since the RFC doesn't say that, they're allowed to be different. In practice, people do send Access-Accepts where the User-Name is different than the one in the Access-Request. > Any reference to where this is documented would be highly appreciated. If it's not in the RFCs, it's not documented anywhere. Alan DeKok.
- [radext] Basic question about user-name attribute Fadi Bushnaq
- Re: [radext] Basic question about user-name attri… Alan DeKok
- Re: [radext] Basic question about user-name attri… Stefan Winter
- Re: [radext] Basic question about user-name attri… Alan DeKok