RADEXT WG RADIUS Attribute Guidelines draft-weber-radius-attr-guidelines-01.txt Greg Weber November 8th, 2005 v1 IETF-64, Vancouver.

Presentation transcript:

RADEXT WG RADIUS Attribute Guidelines draft-weber-radius-attr-guidelines-01.txt Greg Weber November 8th, 2005 v1 IETF-64, Vancouver

RADIUS Attribute Guidelines: WG Charter Item

“RADIUS design guidelines. This document will provide guidelines for design of RADIUS attributes. It will specifically consider how complex data types may be introduced in a robust manner, maintaining backwards compatibility with existing RADIUS RFCs, across all the classes of attributes: Standard, Vendor-Specific and SDO-Specific. In addition, it will review RADIUS data types and associated backwards compatibility issues.”

Milestone: Dec ’04 completion

RADIUS Attribute Guidelines: draft-weber-radius-attr-guidelines-01.txt

- Have you read the draft? :-)
- Aimed at charter item
- Current revision primarily collects data points from early radius-ext threads
- Strawman recommendations
- Guidelines (when to do what) largely absent so far

RADIUS Attribute Guidelines: Data Model Alignment

- Vendor space somewhat varied :-)

[Diagram: vendor VSA usage. Labels: Packet Cable, 3GPP, 3GPP2, Microsoft, Vendor; Simple TLV, Tags, GROUPING, COMPLEX DATA, FRAGMENT, ENCRYPT, COMPACT, SHARED]

RADIUS Attribute Guidelines: Recommendations

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Type (TBD)   |    Length     |V|E|C|    (reserved flags)     |
|                        Vendor-Id (opt)                        |
|     Type      |    Length     |  Value...

- Standardize existing VSA recommendation
- Ease vendor to standard transition
- Accommodate most VSA behavior
- Plan for increased attribute number space

RADIUS Attribute Guidelines: 00 to 01

- Largely editorial changes
- Would like to get some confirmation that the problem statement is captured before proceeding much further.
- Open Issue: 106, Vendor Specific Values
- Standardize a method for vendors to define custom values for standard attributes?

RADIUS Attribute Guidelines: Vendor Specific Values

- VSE (enumerations) described in RFC 2882 embeds vendor ID in value, e.g. val=((vendor-id << 16) | num)
- Require revision of RFC 3575 (RADIUS IANA policy) and therefore a standards track doc?

RADIUS Attribute Guidelines: Fragmentation

- Simpler method than attribute flagging?
- EAP-Message is a non-AAA endpoint conversation, so opaque assembly makes sense.
- For AAA endpoint, the less opaque, the more checking that can be performed.
- DHCP (RFC 3396) Encoding Long Options.
- Concatenate any adjacent attributes of the same type.
- Do we need to support long & short attributes of the same type in the same message?
- How much do we rely on attribute ordering (consecutiveness)?
- How does this apply to VSAs – which are already the same type?
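The concatenation rule on this slide, as an added example (not code from the draft or the presentation): it parses RFC 2865 type/length/value attributes with bounds checks, then merges adjacent attributes of the same type. Attribute types 200 and 201 and all sample values are constructed for illustration.

```python
MAX_VALUE = 253  # RFC 2865: one-octet Length covers Type + Length + Value (max 255)

def encode_attr(attr_type, value):
    """Encode a value, splitting it over adjacent same-type attributes if > 253 octets."""
    if not 1 <= attr_type <= 255 or not value:
        raise ValueError("bad attribute type or empty value")
    chunks = [value[i:i + MAX_VALUE] for i in range(0, len(value), MAX_VALUE)]
    return b"".join(bytes([attr_type, len(c) + 2]) + c for c in chunks)

def parse_attrs(buf):
    """Walk the attribute list; reject lengths that underrun the header or overrun buf."""
    attrs, off = [], 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise ValueError(f"truncated attribute header at offset {off}")
        attr_type, length = buf[off], buf[off + 1]
        if length < 2 or off + length > len(buf):
            raise ValueError(f"invalid length {length} at offset {off}")
        attrs.append((attr_type, buf[off + 2:off + length]))
        off += length
    return attrs

def concat_adjacent(attrs):
    """The slide's rule: concatenate any adjacent attributes of the same type."""
    merged = []
    for attr_type, value in attrs:
        if merged and merged[-1][0] == attr_type:
            merged[-1] = (attr_type, merged[-1][1] + value)
        else:
            merged.append((attr_type, value))
    return merged

if __name__ == "__main__":
    long_value = bytes(range(256)) * 2           # constructed 512-octet value
    wire = encode_attr(200, long_value)          # 200 is an arbitrary sample type
    frags = parse_attrs(wire)
    print([len(v) for _, v in frags])
    print(concat_adjacent(frags) == [(200, long_value)])
    # A different attribute between fragments defeats reassembly (ordering matters).
    interleaved = [frags[0], (201, b"x"), frags[1], frags[2]]
    print(len(concat_adjacent(interleaved)))
    # Two separate short values of one type are indistinguishable from fragments.
    print(concat_adjacent([(200, b"ab"), (200, b"cd")]))
```

The last two cases correspond to the slide's open questions: reassembly depends on fragments staying consecutive, and the rule alone cannot tell two short values of one type from one fragmented value.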

RADIUS Attribute Guidelines: Grouping

- Named vs. unnamed tagging
- Known contents vs. arbitrary contents
- Can newly defined groups of data contain previously defined (standard) attributes?

RADIUS Attribute Guidelines

- When to use which format (SHOULD/MUST)
- When to move from vendor to standard
- When to define vendor specific values
- When to use the extended type space
- How to translate to/from Diameter (see draft-mitton-diameter-radius-vsas-00.txt)

RADIUS Attribute Guidelines: To think about, get consensus, do...

- Diameter translation
- Agree on recommended approach
- Actual guidelines
- Address vendor specific values

RADIUS Attribute Guidelines: Finally,

- Is this a reasonable starting point for this charter work item?
- Volunteers for this work?
- Discussion

RADIUS Attribute Guidelines: Backup Slides

RADIUS Attribute Guidelines: Motivation – why do we need guidelines?

- Divergent data models
- Attribute space exhaustion
- Diameter alignment

RADIUS Attribute Guidelines: Data Model

- Two attribute spaces: standard & vendor
- Small number of data types
- Consistent TLV payload use enables:
  - interoperability, intermediate nodes (proxies)
  - simple implementation: attributes can be added without new parsing code
- Many exceptions

[Diagram: Simple TLV]

RADIUS Attribute Guidelines: Scope

- Backwards compatibility
- Intermediate nodes
- Dictionary based implementations
- Unaware endpoints
- Existing VSA usage
- Transport Impact
- Non-AAA applications
- Diameter compatibility