Hi, On 3 Nov 2011, at 15:09, Alejandro Perez Mendez wrote: On 11/3/11 10:51 AM, "Alejandro Perez Mendez"<[email protected]<mailto:[email protected]>> wrote: What if the user has some attribute which is> 4K? For example a photo (for biometric comparation). I think that this situation should not be ignored, even when I can agree it will not be the most usual. Sorry, I wasn't saying the assertion wouldn't be> 4K, I was saying the signature alone isn't that much bigger than a mediumish attribute unless you add the cert.
I thought the> 4K thing was addressed by chunking it up. If not, you have a problem. That exactly the problem. Even splitting into 253-byte chucks, a RADIUS message cannot have more than 4K in total, including all the attributes. So, I think it would be required to find a solution for this, as it could happen, even without certificates and signatures. I don't want to open a can of worms, but we could consider the idea of more compact coding formats, like JWT… There is a WG (JOSE, http://datatracker.ietf.org/wg/jose/) dealing with this stuff, plus our OAuth colleagues, of course. Be goode, -- "Esta vez no fallaremos, Doctor Infierno" Dr Diego R. Lopez Telefonica I+D e-mail: [email protected]<mailto:[email protected]> Tel: +34 913 129 041 ----------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx
_______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
