-----BEGIN PGP SIGNED MESSAGE-----
B1) why is the TLV format different from the RADIUS one?
The length is the only difference. (being /4)
How often do we need attributes longer than 253 bytes?
What happens if the length is 0? (Yeah, it is illegal,
but why have such a situation)
The 4* the length is there so that one can have 1022 byte
attributes. These don't fit into single EAP-Message payloads in
radius, is the situation better in LCP?
The 4* length seems to simply result in there needing to be another
length in many packets. That probably cancels any advantage in
encoding the length as a byte.
The rounding up to 32-bit size also seems to waste a lot of bytes
needlessly - the EAP messages won't be aligned when they arrive
in at a radius server, which is likely the end that will biggest load
due to EAP messages, so why bother here?
I suggest that the TLV format be junked in favour of one that is
either identical to PPP or identical to radius.
This is gratuitously different.
B2) why are there boath IV and ENCR attribues?
Just put the IV at the front of cipher text. This makes much more
sense.
B4) It appears that AT_FULLAUTH_ID_REQ, PERMANEND_ID_REQ and
ANY_ID_REQ are always mutually exclusive. I strongly suggest
that there be an "ID_REQ" attribute, with three values:
FULLAUTH/PERMANENT/ANY
In fact, these three cases seem like they are really three
different "Start" situations, and I suggest that they be
turned into three "Start" messages. This would be much easier
to document and analyze.
] Out and about in Ottawa. hmmm... beer. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys - custom hacks make this fully PGP2 compat
iQCVAwUBP2YVg4qHRg3pndX9AQHJ4AQA3AyXhRBKcc1QKkZOVseHCLrHm9DRvw8R
VAJks6LkITUzJiVz6iKzcpFs+bBc1vUL/WY4gSE1NOrzEOV7wy1cZPUfmP0tZp7+
zMPlF1K0W5EzIBQAbmI5SyBpWDQklTOoIFxH8kzPwueiQODHt9468FY4cwmnEhZ3
yp2NiJMoZlA=
=w42y
-----END PGP SIGNATURE-----
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html