Re: [radext] [netmod] Comment on draft-ietf-netmod-system-mgmt-05
Andy Bierman <andy@yumaworks.com> Tue, 09 April 2013 15:42 UTC
Return-Path: <andy@yumaworks.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D61E21F976C for <radext@ietfa.amsl.com>; Tue, 9 Apr 2013 08:42:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.428
X-Spam-Level:
X-Spam-Status: No, score=-0.428 tagged_above=-999 required=5 tests=[AWL=0.350, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_64=0.6, J_CHICKENPOX_65=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R6QLI5rXhvWx for <radext@ietfa.amsl.com>; Tue, 9 Apr 2013 08:42:11 -0700 (PDT)
Received: from mail-ie0-x235.google.com (mail-ie0-x235.google.com [IPv6:2607:f8b0:4001:c03::235]) by ietfa.amsl.com (Postfix) with ESMTP id CC9A021F9771 for <radext@ietf.org>; Tue, 9 Apr 2013 08:42:11 -0700 (PDT)
Received: by mail-ie0-f181.google.com with SMTP id 17so8689867iea.12 for <radext@ietf.org>; Tue, 09 Apr 2013 08:42:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:x-gm-message-state; bh=w4fblGZKLnmrs1yXynHQZ2YEcfU4wRj1bJnF26ENqu4=; b=NYEgCrR0TxIhHLiW6+yhmURFnyD0tEVntJb6koX1htlEob2xSsYLNpq36s+60OFJFf I4QWB9rjXpt0bfrEkCKCScRTyzKWDWLEICU2G1rnqvjrCVKZ9pT34ImBCSURTpAe/Nt+ fkdhQGs/jRgZM/gSLs8R5Vj7lAF7jV3s5txtTF1PFwe0qdn1uCjWfapA5UQQTzW12sdK aQJVNK671HGTfHd9b0FETNPMpy70SGc1pGdBAoMS0kxcOpZTMuvA1wuRUVSocFfaj8Yr eRigJXjnv8JK0llDKjuSeA5nWkgzoQYaxBr3dIcJWGlwuiAaNvhiEh5rdQUxDzOm9QkJ pjHQ==
MIME-Version: 1.0
X-Received: by 10.42.58.201 with SMTP id j9mr15069025ich.20.1365522131444; Tue, 09 Apr 2013 08:42:11 -0700 (PDT)
Received: by 10.231.11.2 with HTTP; Tue, 9 Apr 2013 08:42:11 -0700 (PDT)
In-Reply-To: <97FEA158-451F-4F48-85B3-5763A6026A8F@gmail.com>
References: <97FEA158-451F-4F48-85B3-5763A6026A8F@gmail.com>
Date: Tue, 09 Apr 2013 08:42:11 -0700
Message-ID: <CABCOCHTDveoHav4sNJMJN-3DPy_AnB5UVxje68639vicaP9Wmw@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Jouni Korhonen <jouni.nospam@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQlCsB/tFZs5KnZ9CBlJ0wZO2GEwvxqZkldua230QTkc9zUK69G4FId6kn1DBneDJhG92xv/
X-Mailman-Approved-At: Tue, 09 Apr 2013 23:23:06 -0700
Cc: "<radext@ietf.org>" <radext@ietf.org>, netmod@ietf.org
Subject: Re: [radext] [netmod] Comment on draft-ietf-netmod-system-mgmt-05
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2013 15:42:12 -0000
On Tue, Apr 9, 2013 at 5:32 AM, Jouni Korhonen <jouni.nospam@gmail.com> wrote: > Folks, > > AAA-Doctors track on all documents that specify something that > relates to AAA protocols (RADIUS/Diameter). In that light we > also occasionally provide some early comments before the I-Ds > from other WGs enter IETF LC. > > Section 3.4 of draft-ietf-netmod-system-mgmt-05 defines a data > model for the configuration of the RADIUS client. Has the WG > considered additional transports for RADIUS than the original > UDP? RADEXT has defined TCP (RFC6613), TLS (RFC6614) and is > about to complete DTLS (draft-ietf-radext-dtls-04). There are > implementations already out in the field. I would envision > different transports would have an impact to the data model > (transport type, possible TLS cipher details and credentials, > etc). Or is there a particular reason for not taking alternative > transports into account? > thanks for the review. How would you suggest adding this support? The radius feature (page 12) references RFC 2865. If the transport is something the server developer picks, then perhaps updating the description and reference statements for this feature is sufficient. If the transport is something the operator picks, then it gets more complicated. E.g., - add a config=false leaf or leaf-list identifying the transports supported by the server - add a config=true leaf to the radius/server list (page 21) specifying the transport for the server to use - add new identity statements for the standard transports > - Jouni (RADEXT co-chair) Andy
- [radext] Comment on draft-ietf-netmod-system-mgmt… Jouni Korhonen
- Re: [radext] [netmod] Comment on draft-ietf-netmo… Andy Bierman
- Re: [radext] [netmod] Comment on draft-ietf-netmo… Martin Bjorklund
- Re: [radext] [netmod] Comment on draft-ietf-netmo… Jouni Korhonen
- Re: [radext] [netmod] Comment on draft-ietf-netmo… Andy Bierman