>>>>> "Alan" == Alan DeKok <[email protected]> writes:
Alan> Sam Hartman wrote:
>> So, I think we're better off with an existing registry provided
>> that we can get things we need registered in it. I think it's not
>> a huge deal to go do our own registry if we need to; doing so
>> probably makes implementation more messy on the AAA server
>> especially, but is not impossible.
Alan> If the CB data has value to AAA *outside* of the context of
Alan> channel binding, then there are likely already AVPs defined
Alan> for it in AAA protocols. Or, it will be useful to define new
Alan> AVPs.
Alan> If the CB data does *not* have value to AAA outside of the
Alan> context of channel bindings, then using a namespace (and AVP
Alan> format) specific to CB is the best approach.
It's my suspicion that the vast majority of CB data has value to AAA
outside of the context of CB. It's possible that if we go the route of
using an AAA registry and don't have a mechanism for registering non-AAA
CB, then we'll find ourselves having to register an AAA attribute useful
almost exclusively for CB from time to time. I think that will be rare
but notimpossible.
I do find it telling that I cannot think of a CB attribute that I
wouldn't sometimes want to send over AAA.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
