IETF Logo Mail Archive

Re: [radext] Extended IDs

David Carrel <carrel@ipsec.org> Tue, 12 December 2017 04:22 UTC

Return-Path: <david@carrel.net>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 441DC1293DB for <radext@ietfa.amsl.com>; Mon, 11 Dec 2017 20:22:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipsec-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P7OfKQxlcASV for <radext@ietfa.amsl.com>; Mon, 11 Dec 2017 20:22:03 -0800 (PST)
Received: from mail-lf0-x22d.google.com (mail-lf0-x22d.google.com [IPv6:2a00:1450:4010:c07::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DD60126DED for <radext@ietf.org>; Mon, 11 Dec 2017 20:22:03 -0800 (PST)
Received: by mail-lf0-x22d.google.com with SMTP id 74so21693774lfs.0 for <radext@ietf.org>; Mon, 11 Dec 2017 20:22:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipsec-org.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=Jtc+7z5uZWMMWVSnZKiGk0ZSj331qGmId8s3Qgy+EjY=; b=K5JAwue/znB46orce7HoYOfohpoo6sUrvv32NNUOu9ijWM987hGATH2SP1qHPGpgTB RDqReo8ICXccJZYb28KxkWrrEqer2dUx3jsRey4rKLnFmAiRUTR9IInuSyy/XXiord+3 0YeM4A0MWiVq2hTLoQ7s1i5ruKwfWOUp29RrzGSoPnEdaICG7lQbmevGuf07EC9h+gaL cyt8LfBveH9mhMWgkS4FNPawYBYIsPfkPBPVnWFs6vp6pBiiUJjVD19T8UibrCy1wP22 NWYvwEGdr9PbU6DHNda7mw05TLyZh5LIn+HFpQKM2TVJOU9XkLJR4d0sIG3BACQTPLRW GQVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=Jtc+7z5uZWMMWVSnZKiGk0ZSj331qGmId8s3Qgy+EjY=; b=kAnEjOWJpeOlM6cLS14QkkcYmZ1lT9FBlIxCtr6YZYt7hEFYKDgHAJOCzXzVbZKDkk ts5cLdjBmCWO2Arh7id4ekQOgrRkXNiCdyrRz7UEIDi1A/EUA+Zp45PUY579CfzMXHG6 vm5X1gNdUNrE4YjvZrFidzVG0RrLTKiSb852V9RMLOMqpXJQhDIL/on8VhRQbXNW1TcR h4WN4w09+Ax4UMJbyd3/f8VASeAeyXMyPgWODZ8Ql2TugNttR/aQNsDvRkXeGXsoDq2J qOhzUztCMtje1Q7o66+077Qx2GA/4x6GziFb3nUTgiARzbs1lM+gWz15ggDEyVXJKz/w ZJdA==
X-Gm-Message-State: AKGB3mLCEyaJ7UHZrhhnXcQlmrs4F60JqR1lcRHbYa4VeKmybs3SMHoO fdRRCbFGpVlwvIrV+OIOIHomUsD1IuAJOsXWlZKtxF9P
X-Google-Smtp-Source: ACJfBot9RVO6ke2BbQwaTMIAHQQoJDGoeBiomN+VxNVT+xrophYtzuLRdLJ9GhVrcR9er7yVXkegvHaYF1tFzfyk6wo=
X-Received: by 10.46.116.1 with SMTP id p1mr1325020ljc.103.1513052520864; Mon, 11 Dec 2017 20:22:00 -0800 (PST)
MIME-Version: 1.0
References: <fef698a5-9802-c9be-04d7-1e869651c988@restena.lu> <dfd0ff02-c9e8-7253-4fb4-1e6def3e93b2@restena.lu> <C50ED086-A344-492B-9782-53FB5A1C0761@cisco.com> <2D707CD0-5C6D-4ABE-9829-820D6145E98F@deployingradius.com> <1465D072-52D7-4FC3-88A6-E1A97740B753@cisco.com>
In-Reply-To: <1465D072-52D7-4FC3-88A6-E1A97740B753@cisco.com>
From: David Carrel <carrel@ipsec.org>
Date: Tue, 12 Dec 2017 04:21:50 +0000
Message-ID: <CAEMKEFQ6auy81E0=0f_xiSADgitmsnU-Y+nQTJCVmJexyM3Xgw@mail.gmail.com>
To: "radext@ietf.org" <radext@ietf.org>
Content-Type: multipart/alternative; boundary="089e0827b3d408778d05601cfe31"
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/i01ClmgIWsrdemU1LqG0bsr1jh0>
Subject: Re: [radext] Extended IDs
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Dec 2017 05:17:08 -0000

I also support moving forward with draft-chen-radext-identifier-attr as the
base for future work.  To me it seems to be a cleaner solution and that it
will be easier to create interoperability.  Adding additional semantic
meanings to an existing field (the Authenticator) does seem to be fraught
with potential risk. Certainly either of these could move forward to
address the scalability issue, but I prefer draft-chen-

As others have mentioned, I think we should look at removing the
requirement for this attribute to be in a fixed position (first).

Dave

v2.23.0 | Report a Bug | By Email