Re: [radext] Implementation inventions

Alan DeKok <aland@deployingradius.com> Tue, 22 August 2023 12:22 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9D8AC151090 for <radext@ietfa.amsl.com>; Tue, 22 Aug 2023 05:22:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f8JamZKGgnYn for <radext@ietfa.amsl.com>; Tue, 22 Aug 2023 05:22:10 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E22EEC14CF15 for <radext@ietf.org>; Tue, 22 Aug 2023 05:22:08 -0700 (PDT)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id 40AA151B; Tue, 22 Aug 2023 12:22:06 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CAA7Lko_WY-yDX5XJUqNGN2MQ+m5_9eY_4eEBs1VJNsgZ3mOrsQ@mail.gmail.com>
Date: Tue, 22 Aug 2023 08:22:04 -0400
Cc: "radext@ietf.org" <radext@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <7DED2D44-0972-4013-952B-F41F243C945D@deployingradius.com>
References: <2B40BD0B-8C16-491C-90F8-B744F2E4E2D3@deployingradius.com> <SN4PR10MB5589C79F441AFBB72493DA84A10CA@SN4PR10MB5589.namprd10.prod.outlook.com> <A4625416-E62C-45F9-ABDF-3FDF3034511C@deployingradius.com> <CAA7Lko_WY-yDX5XJUqNGN2MQ+m5_9eY_4eEBs1VJNsgZ3mOrsQ@mail.gmail.com>
To: Heikki Vatiainen <hvn@radiatorsoftware.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/g0TcnGEzPS2fISQpXUQr66w0HHg>
Subject: Re: [radext] Implementation inventions
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Aug 2023 12:22:11 -0000

On Aug 22, 2023, at 8:02 AM, Heikki Vatiainen <hvn@radiatorsoftware.com> wrote:
> Something for the list: RADIUS dynauth server that returned NAK when Message-Authenticator was in a dynauth request. It's been a while when that was noticed, but not that many years. The attribute is not required, but these kinds of small variations make it hard to create dynauth messages in multivendor systems.

  Or a similar one:  CoA contains received at a proxy, and contains Proxy-State... so it should be rejected.  But I think we addressed that in RFC 5176.

> Maybe the list could be added to the WG github for the moment? It could help to avoid it to getting lost.

  Good idea.  I've created one:

https://github.com/radext-wg/issues-and-fixes-2

  I've given you write access.  and added a wiki page:  https://github.com/radext-wg/issues-and-fixes-2/wiki

  I can give people write access to the Wiki, and we can save issues there.  We may have enough issues for a new document.

  Alan DeKok.