Re: [Issue] Review of draft-ietf-radext-digest-auth-01.tx t, Diameter dependency

[Jari Arkko <jari.arkko@piuha.net>]

I agree with most of the comments that you Bernard made
in the original review, module the responses that Wolfgang
sent, which also seemed reasonable.

Re: nonce generation incompatibility. First, I agree that
Diameter SIP should be extended to cover client-generated
nonce support. I presume that's possible. If not we need to
know now, because then a change in the RADIUS SIP would
be more appropriate.

Re: making nonces work in roaming setting. Yes, this is
an issue. One way of fixing it is making it possible for
a AAA client go start a process such that the AAA server
comes back and says "I let you do the nonces". This would
be the default, and you would skip this useless roundtrip if
and only if you know for a fact that you are running completely
in an environment that doesn't need server generated nonces.
(Another approach would be cut away the client generated mode
and always do two roundtrips. We can't remove server
mode because some algorithms depend on it.)

Re: location of the compatibility section. I think the two
drafts simply have to progress in lock step. This is obvious
from the nonce discussion, imho. I'd prefer
the compatibility section to be where it is currently.

--Jari


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>