Logical sessions vs. statement reconcilliation (was RE: )

["Nelson, David" <dnelson@enterasys.com>]

Avi Lior writes...

> When User-name is not available, CUI can be used to help 
> correalating related (shorter) accounting session into 
> longer "user experienced session" that extend over multiple
> disconnect and reconnect cases.

I think what this means is that the Home AAA might choose to issue a one
consistent value of the "user handle" (CUI) for a number of
authentication requests, and switch to issuing a different consistent
value after some session threshold has expired, e.g. 24 hours after the
initial "sign-up" for service, or at 12:00 noon on each day of use, etc.

This is not immediately in conflict with the notion that the CUI value
is sufficiently long-lived as to be useful for billing purposes, but
sufficiently short-lived as to protect anonymity, when such is required.
This is especially so as the longevity issue is left as out-of-scope for
the document.

The grouping of accounting records by CUI value is very similar to
grouping of accounting records by User-Name value -- typically a
reconciliation process that leads to issuing an itemized statement or
bill, e.g. on a monthly basis.

One question remains in my mind, however.  If the Home AAA changes the
CUI value for a given user on a (frequent) logical session basis, how
many CUI values will the Home AAA need to remember as belonging to the
given user, in order for the end-of-month statement reconciliation
process to be feasible? 



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>