Re: RADEXT Issue 148 Item 6

["Alan DeKok" <aland@ox.org>]

"Nelson, David" <dnelson@enterasys.com> wrote:
> And the inference is that the recommended or suggested VSA format in RFC
> 2865 is not sufficient to establish syntax rules for VSAs, is that
> right?  I think that Alan DeKok's position is that some implementations
> chose to interpret the VSA suggestions as syntax rules, and enforce them
> as such.

  Yes.  Without a clear definition of "malformed", those
implementations are compatible with the specs.  Unless we choose to
define "malformed" in the MIB documents, we cannot label those
implementations as non-compliant.

> I think Alan's suggestion was (a).

  Yes.  The counting method used for "malformed" is
implementation-dependent.  As is the counting method for all other
counters, too (barring standardized test vectors).

> (b) is to be desired, but it will likely draw criticism from those
> whose implementations don't match the new normative definition of
> "malformed".  While the "legislative intent" information from the
> RADIUS WG deliberations is enlightening and instructive, at the end
> of the day we are left with the text that was actually incorporated
> in the RFCs.

  Recognizing that the counters are implementation-dependent is a good
idea.  Recommending behavior is a good idea.

  We can recognize that there is no definition of "malformed", that
the counters are implementation-dependent, and then recommend that the
contents of VSA's are out of scope of the counter.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>