[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last call on extensions document?

To: Alan DeKok <aland@deployingradius.com>
Subject: Re: Last call on extensions document?
From: Peter Deacon <peterd@iea-software.com>
Date: Fri, 5 Aug 2011 08:51:19 -0700 (Pacific Daylight Time)
Cc: 'radext mailing list' <radiusext@ops.ietf.org>
In-reply-to: <4E3BD854.1050006@deployingradius.com>
References: <4E2ECDC5.5060207@deployingradius.com> <alpine.WNT.2.00.1108021337010.2140@littlesmurf> <4E386DFA.10904@deployingradius.com> <alpine.WNT.2.00.1108040938170.3484@SMURF> <4E3B3EB0.2040606@deployingradius.com> <alpine.WNT.2.00.1108042112130.3484@SMURF> <4E3BD854.1050006@deployingradius.com>
User-agent: Alpine 2.00 (WNT 1167 2008-08-23)

On Fri, 5 Aug 2011, Alan DeKok wrote:

Use of naming services to abstract network addresses is universal.  Kind
of the whole point of using these systems in the first place.

 What I meant was that *unexpected* changes are a problem.  DNS is
nice, and useful for many things.  RADIUS policies are usually
relatively fixed.  Having them depend on DNS means that a non-RADIUS
admin can effectively update the RADIUS policies.

 I've seen this cause problems in practice, which makes me wary of it.

By specifying a name you delegate responsibility for resolution to thenaming service. This is always the case no matter where that name isstored.

Without combo IP the system needs *extra* intelligence to know the IPv4
and IPv6 analogue for each attribute.  With combo IP this is unnecessary
as the same attribute can be used and the system just works.

 The main way I can see combo IP being useful is if family-specific
attributes were to be deprecated.

 Unless there's a groundswell of support for it on this list, I don't
see combo-IP making it into the document.

This was never my intention. My intention was a couple of paragraphs toexplain a new data type attribute designers may want to take advantage offor their *future* work while implementing new attributes in the newattribute space.


regards,
Peter

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: Last call on extensions document?
  - From: Alan DeKok <aland@deployingradius.com>

References:
- Last call on extensions document?
  - From: Alan DeKok <aland@deployingradius.com>
- Re: Last call on extensions document?
  - From: Peter Deacon <peterd@iea-software.com>
- Re: Last call on extensions document?
  - From: Alan DeKok <aland@deployingradius.com>
- Re: Last call on extensions document?
  - From: Peter Deacon <peterd@iea-software.com>
- Re: Last call on extensions document?
  - From: Alan DeKok <aland@deployingradius.com>
- Re: Last call on extensions document?
  - From: Peter Deacon <peterd@iea-software.com>
- Re: Last call on extensions document?
  - From: Alan DeKok <aland@deployingradius.com>

Prev by Date: Re: Last call on extensions document?
Next by Date: Re: Last call on extensions document?
Previous by thread: Re: Last call on extensions document?
Next by thread: Re: Last call on extensions document?
Index(es):
- Date
- Thread