[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue 102: NAS/QoS Filter Rule

To: <paul.congdon@hp.com>, <radiusext@ops.ietf.org>
Subject: RE: Issue 102: NAS/QoS Filter Rule
From: <Pasi.Eronen@nokia.com>
Date: Mon, 26 Sep 2005 18:42:42 +0300

paul.congdon@hp.com wrote:

> Since these rules govern access policies, it is believed that a
> strong hammer is better than simply ignoring things that aren't
> understood or implemented.  These should apply equally for
> permit rules or deny rules.  If the NAS can't interpret the
> rule, it can't enforce the desired policy either and still MUST
> terminate the session, so if it gets lost parsing things, this
> rule should also apply.

I agree.

> I agree that we need to make sure parsing is unambiguous.  
> I suppose we need a line feed at the end of each rule and 
> perhaps this needs to be escaped as well for the 
> tunnel-assignment-ID issue.

Yes, I also think that having an unambiguous "rule end" (or "rule
separator") character (LF, NUL, or something) would simplify the
parsing... It would be even nicer if the escape mechanism for
tunnel-assignment-ID would "hide" these characters somehow.

Perhaps we should use "percent-hex-hex" escaping like URIs?
(e.g. NUL would turn to "%00", not backslash+NUL).

Best regards
Pasi

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Issue 102: NAS/QoS Filter Rule
Next by Date: FW: I-D ACTION:draft-salowey-radext-delegated-prefix-00.txt
Previous by thread: RE: Issue 102: NAS/QoS Filter Rule
Next by thread: Issue 102: NAS/QoS Filter Rule
Index(es):
- Date
- Thread