Re: [radext] [Technical Errata Reported] RFC5176 (4311)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 21 April 2015 17:16 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22E3F1A6FF5 for <radext@ietfa.amsl.com>; Tue, 21 Apr 2015 10:16:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PZ3rT2VGlxs0 for <radext@ietfa.amsl.com>; Tue, 21 Apr 2015 10:16:26 -0700 (PDT)
Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 716B01A1BBC for <radext@ietf.org>; Tue, 21 Apr 2015 10:16:25 -0700 (PDT)
Received: by laat2 with SMTP id t2so156332347laa.1 for <radext@ietf.org>; Tue, 21 Apr 2015 10:16:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=m48M3F1I3dUT8DAkK8EDkX75WzZpZVSMiv4FRt5vC3g=; b=Jv9V4cAMQ71VhI+4Z+N1ZAy4n4/ZlYu5REWzmK/Q0rTO+8CeFuvphSWTwqfJhunKNA AJtZdYM5VUn40emg6NZYB2umAnQPxeU/wnYg9/J5HqHkfoM8gGmjU9s/li5NVIiUude3 Q2tu5scgvG3p5/MGSoTJsShj4oUMmPpK8/WWlUBoFAjDytIMUfAKHt2IwOSWoYVdGlJ2 +McXW9SV6NrlzApmk+LCxyC0rxMVBLDIjmDVLQ7kWX+ZRXfb1DYegUEwnDfQ/eYvB5WJ dHz6EWXv97JQMceS78w1dT/O3ArR8AqMqO0gNWbl4I4wgUCMDlCKwA2LBOr3AGvTooA+ SSXw==
MIME-Version: 1.0
X-Received: by 10.112.29.36 with SMTP id g4mr21548969lbh.56.1429636583986; Tue, 21 Apr 2015 10:16:23 -0700 (PDT)
Received: by 10.112.11.199 with HTTP; Tue, 21 Apr 2015 10:16:23 -0700 (PDT)
In-Reply-To: <20150323165024.CFFDA180459@rfc-editor.org>
References: <20150323165024.CFFDA180459@rfc-editor.org>
Date: Tue, 21 Apr 2015 13:16:23 -0400
Message-ID: <CAHbuEH7Z83dWUgJuYX0gqsr5uEYqQ9KrCPuZv1R_uEjU01qXXg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: multipart/alternative; boundary="001a1133f994bf1a8e05143f34b0"
Archived-At: <http://mailarchive.ietf.org/arch/msg/radext/dY7iRnrOr5Pugf394us_rvKTpUU>
X-Mailman-Approved-At: Tue, 21 Apr 2015 12:15:26 -0700
Cc: "gdommety@cisco.com" <gdommety@cisco.com>, "radext@ietf.org" <radext@ietf.org>, Alan DeKok <aland@freeradius.org>, "<lionel.morand@orange.com>" <lionel.morand@orange.com>, Stefan Winter <stefan.winter@restena.lu>, joel jaeggli <joelja@bogus.com>, bernarda@microsoft.com, "david@mitton.com" <david@mitton.com>, Benoit Claise <bclaise@cisco.com>, "meklund@cisco.com" <meklund@cisco.com>, "mchiba@cisco.com" <mchiba@cisco.com>
Subject: Re: [radext] [Technical Errata Reported] RFC5176 (4311)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2015 17:16:28 -0000
Hello, I haven't seen any discussion on this from the Radext WG. The report looks reasonable and make sense to me, but would like to hear from the chairs to confirm. Since this is getting addressed in a new draft, I would be included to mark this as "Hold for Document Update". This puts the errata with this draft (it's not rejected) and can be added to a new revision of this particular draft if it gets updated in the future. Please let me know if you agree/disagree and I'll mark it appropriately. Thanks! On Mon, Mar 23, 2015 at 12:50 PM, RFC Errata System < rfc-editor@rfc-editor.org> wrote: > The following errata report has been submitted for RFC5176, > "Dynamic Authorization Extensions to Remote Authentication Dial In User > Service (RADIUS)". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=5176&eid=4311 > > -------------------------------------- > Type: Technical > Reported by: Alan DeKok <aland@freeradius.org> > > Section: 2.3 > > Original Text > ------------- > Section 2.3 says: > > In CoA-Request and Disconnect-Request packets, all attributes MUST > be treated as mandatory. > > > Corrected Text > -------------- > In CoA-Request and Disconnect-Request packets, all attributes MUST > be treated as mandatory, except Proxy-State. See Section 3.1 for a > discussion of how the NAS must handle Proxy-State. > > Notes > ----- > This was seen with vendor equipment. CoA proxying was done to the NAS, > and the proxy was adding and forwarding Proxy-State as required by Section > 3.1. However, the NAS was returning a CoA-NAK with Error-Cause = > Unsupported-Attribute. > > The issue comes because Proxy-State is called out in Section 3.1 for > special handling. However, that special handling isn't called out in > Section 2.3. As a result, implementors can get confused. > > The RADEXT WG is rechartering with a document to address CoA proxying. We > will also be addressing this issue in that document. There are additional > attributes which a NAS should ignore, OR which should be filtered out by > the proxy closest to the NAS. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party (IESG) > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC5176 (draft-ietf-radext-rfc3576bis-13) > -------------------------------------- > Title : Dynamic Authorization Extensions to Remote > Authentication Dial In User Service (RADIUS) > Publication Date : January 2008 > Author(s) : M. Chiba, G. Dommety, M. Eklund, D. Mitton, B. Aboba > Category : INFORMATIONAL > Source : RADIUS EXTensions > Area : Operations and Management > Stream : IETF > Verifying Party : IESG > > _______________________________________________ > radext mailing list > radext@ietf.org > https://www.ietf.org/mailman/listinfo/radext > -- Best regards, Kathleen
- [radext] [Technical Errata Reported] RFC5176 (431… RFC Errata System
- Re: [radext] [Technical Errata Reported] RFC5176 … Kathleen Moriarty
- Re: [radext] [Technical Errata Reported] RFC5176 … lionel.morand
- Re: [radext] [Technical Errata Reported] RFC5176 … Kathleen Moriarty
- Re: [radext] [Technical Errata Reported] RFC5176 … lionel.morand
- [radext] [Errata Verified] RFC5176 (4311) RFC Errata System