[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Capabilities: Summary

To: <radiusext@ops.ietf.org>
Subject: Capabilities: Summary
From: "Tschofenig, Hannes" <hannes.tschofenig@siemens.com>
Date: Sun, 9 Oct 2005 22:19:17 +0200
Cc: "Bernard Aboba" <aboba@internaut.com>, <avi@bridgewatersystems.com>

hi all,

i would like to finalize the discussions about the capabilities in the
draft-ietf-geopriv-radius-lo-04.txt document. in this draft we suggested
an attribute that is sent in both directions (from nas -> aaa server and
from aaa server -> nas). bernard suggested an alternative solution that
basically avoided the attribute from the nas -> aaa server. 

here is the summary of bernards proposal (provided by himself): 

------------

a. RADIUS Server REQUIRES location in Access-Request or 
Accounting-Request:  server sends an Access-Challenge with an attribute 
that expresses what is required. 

b. RADIUS server would like location information in the
Accounting-Request 
but does not require it:  RADIUS server sends an Access-Accept with an 
attribute that expresses what is desired. 

c. RADIUS server REQUIRES location in Access-Request, but has not
received 
it after sending an Access-Challenge:  RADIUS server 
sends an Access-Reject with an Error-Cause attribute with value "Missing

Location Information"

------------

avi raised a few other issues, namely:

a) problems seem to appear if the nas does not support the challenge.
then the challenge will be treated as a reject.
 
b) avi presented a use case that seems to require the usage of a
capability attribute sent from the nas -> aaa server: 

the provided service depends on the availability of location information
in the access-request. the aaa server will not reject the request if
location information is not provided but the authorization decision
depends on whether location information is present at all and based on
the specific location information itself. a default service will be
provided if location is not available and more services will be enabled
depending on the specific location information provided to the aaa
server. 

is my summary correct? 

ciao
hannes

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: Conclusion of Pre-Work Item Review on Bandwidth Document
Next by Date: RE: Capabilities: Summary
Previous by thread: Conclusion of Pre-Work Item Review on Bandwidth Document
Next by thread: RE: Capabilities: Summary
Index(es):
- Date
- Thread