IETF Logo Mail Archive

Re: [radext] Fwd: New Version Notification for draft-ietf-radext-radius-fragmentation-05.txt

Alan DeKok <aland@deployingradius.com> Tue, 18 March 2014 13:27 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A130E1A03FE for <radext@ietfa.amsl.com>; Tue, 18 Mar 2014 06:27:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cwdvBYPiBoL3 for <radext@ietfa.amsl.com>; Tue, 18 Mar 2014 06:27:56 -0700 (PDT)
Received: from power.freeradius.org (power.freeradius.org [88.190.25.44]) by ietfa.amsl.com (Postfix) with ESMTP id 6C6FC1A03F5 for <radext@ietf.org>; Tue, 18 Mar 2014 06:27:56 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by power.freeradius.org (Postfix) with ESMTP id D00AD2240152; Tue, 18 Mar 2014 14:27:47 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at power.freeradius.org
Received: from power.freeradius.org ([127.0.0.1]) by localhost (power.freeradius.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EwCCXGJQqixm; Tue, 18 Mar 2014 14:27:47 +0100 (CET)
Received: from Thor.local (unknown [70.50.218.22]) by power.freeradius.org (Postfix) with ESMTPSA id 4422522400DD; Tue, 18 Mar 2014 14:27:47 +0100 (CET)
Message-ID: <532849D2.3040504@deployingradius.com>
Date: Tue, 18 Mar 2014 09:27:46 -0400
From: Alan DeKok <aland@deployingradius.com>
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: Alejandro Perez Mendez <alex@um.es>
References: <20140307075126.8756.14600.idtracker@ietfa.amsl.com> <53197B56.10303@um.es> <53281E36.2020708@cisco.com> <53282898.9050504@um.es>
In-Reply-To: <53282898.9050504@um.es>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/radext/S5Mnzc27KTtXZzm3re3nlxhK3ns
Cc: radext@ietf.org
Subject: Re: [radext] Fwd: New Version Notification for draft-ietf-radext-radius-fragmentation-05.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Mar 2014 13:27:57 -0000

Alejandro Perez Mendez wrote:
> we could extend that line to something like:
> 
> The
>    authors acknowledge this is formally violating [RFC2865], but no
>    operational issues are expected as no known implementation 
>    perform that verification when proxying Access-Requests, since doing so would
>    preclude them to support future extensions. 

  Perhaps this (word-smithing)

The authors acknowledge that this specification violates the "MUST"
requirement of [RFC2865] Section 4.1.  We note that a proxy which
enforces that requirement would be unable to support future RADIUS
authentication extensions.  Extensions to the protocol would therefore
be impossible to deploy.

All known implementations have chosen the philosophy of "be liberal in
what you accept".  That is, they accept traffic which violates the
requirement of [RFC2865] Section 4.1.  We therefore expect to see no
operational issues with this specification.  After we gain more
operational experience with this specification, it can be re-issued as a
standards track document, and update [RFC2865].

  Alan DeKok.

v2.23.0 | Report a Bug | By Email