Re: [radext] Extended IDs

Jun Zhuang <jun_zhuang@yahoo.com> Tue, 12 December 2017 23:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/jhvi3tDXL7xuNQz9LGIndb5ebQ8>

 
Hi,
After reading both drafts, I prefer draft-chen-radex-identifier-attr-02 over draft-dekok-radex-request-authenticator-02, as I think it is a cleaner solution and will be easier to debug and deploy.
Also, I noticed that draft-chen-radex-identifier-attr-02 was published last July to address the problem. draft-dekok-radex-request-authenticator-02 was published in April this year, an interval of more than 10 months. Since both are open to revision and improvement, I vote for adopting draft-chen-radex-identifier-attr-02 as the base and going forward.

Regards,
James Zhuang
    On Tuesday, December 12, 2017, 12:39:22 PM PST, Adam Bishop <Adam.Bishop@jisc.ac.uk> wrote:  
 
 On 28 Nov 2017, at 13:54, Stefan Winter <stefan.winter@restena.lu> wrote:
> In your reply to this call for adoption, please indicate which of the
> two drafts you think should be adopted. You can of course also indicate
> that none of the two are fit for purpose. The only thing you really
> shouldn't do is to vote for both; that wouldn't help the discussion move on.

Having read both drafts, I think the approach in draft-dekok is more suitable for adoption.

While assigning additional meaning to existing values can be problematic, there is sufficient explanation already present in the draft to reassure me that this shouldn’t interact negatively with existing implementations, and avoids changing or extending the header.

I agree with the observation that draft-chen could be problematic in federated deployments due to the potential for the identifier to leak between hops.

Regards,

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

jisc.ac.uk
