Re: [radext] draft-cheng-behave-cgn-cfg-radius-ext-07 feedback

Alan DeKok <aland@deployingradius.com> Fri, 25 July 2014 19:24 UTC

To: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/radext/GYi_piIsh0etVznvCLBvA979ZYY
Cc: radext@ietf.org

  And reviewing the document some more:

- it doesn't use TLVs.  It uses the 6929 attribute format.  But it still
packs multiple fields into one attribute.  Each field needs to be a
separate sub-TLV.

  e.g.  Section 3.1:

     This attribute is of type complex [RFC6158] ..

  There is no need for a "complex" type.

- ST (Session Type)

  This field defines identifiers for TCP, UDP, and ICMP.  We already
have identifiers defined in IPv6.  This document should re-use those
values, as it avoids the need for us to have more RADIUS-specific
allocations.

  It could instead refer to the IPv6 protocol mappings, define "ST" as a
TLV, and then say "if this rule applies to TCP and UDP, then list both
TCP and UDP as protocols".

  Alan DeKok.
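
The layout suggested in the message above, as an added example that is not part of the original e-mail or of the draft: an RFC 6929 Extended-Type-1 attribute whose value is a sequence of TLVs, one field per TLV, with the protocol carried as an IANA protocol number and repeated once per protocol. The Extended-Type value 200, the TLV-Type numbers 1 to 3, and the port-range fields are hypothetical and chosen only for illustration.

```python
import struct

EXT_TYPE_1 = 241   # RFC 6929 Extended-Type-1 attribute
EXT_RULE = 200     # hypothetical Extended-Type for the rule container
TLV_PROTO, TLV_PORT_MIN, TLV_PORT_MAX = 1, 2, 3    # hypothetical TLV-Types
IPPROTO = {"icmp": 1, "tcp": 6, "udp": 17}         # IANA protocol numbers

def tlv(tlv_type, value):
    """One TLV holding a 32-bit integer; TLV-Length counts the 2-byte header."""
    return struct.pack("!BBI", tlv_type, 6, value)

def encode_rule(protocols, port_min, port_max):
    """One Protocol TLV per protocol, then the port range, each in its own TLV."""
    body = b"".join(tlv(TLV_PROTO, IPPROTO[p]) for p in protocols)
    body += tlv(TLV_PORT_MIN, port_min) + tlv(TLV_PORT_MAX, port_max)
    length = 3 + len(body)           # Type + Length + Extended-Type + TLVs
    if length > 255:
        raise ValueError("rule does not fit in one attribute")
    return struct.pack("!BBB", EXT_TYPE_1, length, EXT_RULE) + body

def decode_rule(attr):
    """Strict parse: reject any attribute whose lengths are inconsistent."""
    if len(attr) < 3 or attr[0] != EXT_TYPE_1 or attr[2] != EXT_RULE:
        raise ValueError("not a rule attribute")
    if attr[1] != len(attr):
        raise ValueError("attribute length mismatch")
    rule = {"protocols": [], "port_min": None, "port_max": None}
    pos = 3
    while pos < len(attr):
        if len(attr) - pos < 2:
            raise ValueError("truncated TLV header")
        tlv_type, tlv_len = attr[pos], attr[pos + 1]
        if tlv_len != 6 or pos + tlv_len > len(attr):
            raise ValueError("bad TLV length")
        (value,) = struct.unpack("!I", attr[pos + 2:pos + 6])
        if tlv_type == TLV_PROTO:
            rule["protocols"].append(value)   # repeated TLV, one per protocol
        elif tlv_type == TLV_PORT_MIN:
            rule["port_min"] = value
        elif tlv_type == TLV_PORT_MAX:
            rule["port_max"] = value
        else:
            raise ValueError("unknown TLV-Type")
        pos += tlv_len
    return rule
```
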