Issue:

[Murtaza Chiba <mchiba@cisco.com>]

Description of issue:
	VSAs for  Session-Identification

Submitter name: Murtaza S. Chiba

Submitter email address: mchiba@cisco.com

Date first submitted: April 25th 2005

Reference: URL to e-mail describing problem, if available

Document: RFC3576

Comment type: E

Priority: 1

Section: 3

Rationale/Explanation of issue:
   Some VSAs could be used for Session-Identification in addition to 
any authorization purpose.

Length description of problem
   In section 3 under Session Identification attributes, 
Vendor-Specific attributes are not mentioned.  This should be left to a 
vendor to decide which attributes designate session identification and 
which designate authorization in the case where ambiguity is clearly 
eliminated.  That is a subtype and/or contents readily distinguish 
between session identification and authorization.

   Also in section 3.3 Note 3 mentions that the VSA is only for 
authorization.  This too should be changed to allow for session 
identification.


Requested change:
Section 3:
Please add VSA to the list under "Session identification attributes" the 
following text

Vendor-Specific    26   [RFC2865]  The Vendor Specific attribute used
                                   for Session Identification purposes.

Section 3.3:
Modify note 3. from

"When included within a CoA-Request, these attributes
 represent an authorization change request"

to

"When included within a CoA-Request, these attributes MAY represent an 
authorization change requests"


Thanks,
Murtaza

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>