RE: Charter questions

[Bernard Aboba <aboba@internaut.com>]

> I would have a set of issues that would prevent me from
> feasibly implementing the proposal. Many stem from the my interpretation
> that the entire QoS policy is captured in a single 'value'. If anything it
> reinforces my previous concerns about the approach AAA is taking to
> addressing these issues: No problem, here's a new AVP.

Yup, that pretty much summarizes the mind-set ;)

I'd suggest if you think that the AVP is broken or not very useful even
for the limited set of scenarios it's trying to address, that
an issue should be filed on this. 

> My reading is that DIAMETER has 'a' QoS semantic. Frankly, my experience
> would suggest that DIAMETER has trouble leveraging any prior work other than
> RADIUS.

I think it's accurate to say that the goals for the QoS AVP were not very
lofty. I'm not sure that this is a problem per se, since COPS has much
more sophisticated capabilities in this regard.

> NOPE. EAP requires an extra pair of messages for challenge negotiation.

But COPS now does support EAP authentication as well, correct? 

> Network Access is implicit. In fact, there are models that are discussed in
> the draft that allow limited Network Access policies (specifically to HTTP
> based authentication servers) prior to full Network Access and user specific
> policy assignments.

How many of the other RFC 2989 requirements does the COPS/AAA 
functionality satisfy? Souds like you've essentially got functionality
equivalent to Diameter NASREQ, and Accounting. Can it do Mobile IP
too? Protection of AVPs end-to-end a la CMS-Sec?