>>>>> "Yoshihiro" == Yoshihiro Ohba <[email protected]> writes:
Yoshihiro> I think the two options you provided below are two
Yoshihiro> extremes. It is too restrictive to have a requirement on
Yoshihiro> one of the two extremes. I can think of an application
Yoshihiro> that can choose to follow AAA-associatied authorization
Yoshihiro> lifetime or use its own (AAA-independent) lifetime
Yoshihiro> depending on use case.
That's well within what I mean by option 1--leave it up to the
application.
One reasonable thing for applications to do in some usecases would be
to depend on AAA.
Would you be willing to review text to make sure we don't exclude this
sort of thing?
--Sam
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
