Re: [radext] #41: A1.2
#41: A1.2
---------------------------------------+------------------------------------
Reporter: bernard_aboba@… | Owner:
Type: defect | Status: new
Priority: major | Milestone: milestone1
Component: design | Version: 1.0
Severity: Submitted WG Document | Keywords:
---------------------------------------+------------------------------------
Description changed by bernard_aboba@…:
Old description:
> Does the data provide authentication and/or security capabilities for
> the RADIUS protocol, as outlined below? If so, it SHOULD be
> allocated from the standard space via "IETF consensus", and SHOULD
> NOT be allocated from the vendor space.
>
> [BA] A BCP should not be setting IANA allocation policy. Recommended
> change:
>
> Does the data provide authentication and/or security capabilities for
> the RADIUS protocol, as outlined below? If so, it SHOULD be
> allocated from the standard space.
New description:

A.1.2. Transport of Authentication and Security Data

Does the data provide authentication and/or security capabilities for
the RADIUS protocol, as outlined below? If so, it SHOULD be
allocated from the standard space via "IETF consensus", and SHOULD
NOT be allocated from the vendor space.

* Complex data types that carry authentication methods which
  RADIUS servers are expected to parse and verify as part of
  an authentication process.

* Complex data types that carry security information intended
  to increase the security of the RADIUS protocol itself.

Any data type carrying authentication and/or security data that is
not meant to be parsed by a RADIUS server is an "opaque data type",
as defined below.

[BA] This section appears disjointed, as though it was missing some text.
Recommended change:

A.1.2. Transport of Authentication and Security Data

Does the data provide authentication and/or security capabilities for
the RADIUS protocol, as outlined below? If so, use of a complex data
type is acceptable, under the following circumstances:

* Complex data types that carry authentication methods which
  RADIUS servers are expected to parse and verify as part of
  an authentication process.

* Complex data types that carry security information intended
  to increase the security of the RADIUS protocol itself.

Any data type carrying authentication and/or security data that is
not meant to be parsed by a RADIUS server is an "opaque data type",
as defined below.

--
Ticket URL: <http://trac.tools.ietf.org/wg/radext/trac/ticket/41#comment:1>
radext <http://tools.ietf.org/radext/>