On Feb 12, 2016, at 8:51 AM, Stefan Winter <[email protected]> wrote: > >> RadExt Charter text is less clear except that their milestones are >> explicit and focused on the 'network access' problem, not the 'network >> managment' or 'network operations' or 'network adminsitration' >> problem(s). > > The sentence "The RADIUS Extensions Working Group will focus on > extensions to the RADIUS protocol pending approval of the new work from > the Area Director" > > is quite clear, IMHO: new features so long as the AD allows us to.
In addition, RADIUS has been used for network administration since it's origins. RFC 2058 makes it clear that it is *explicitly* intended to authenticate, authorize, and do accounting for administrators logging into network equipment: https://tools.ietf.org/html/rfc2058#section-5.6 Has Service-Type of: Administrative The user should be granted access to the administrative interface to the NAS from which privileged commands can be executed. Any counter-argument that RADIUS isn't intended for "network operations" or "network administration" is false, and has been documented publicly as being false for two decades. The "command authorization" is *explicitly* in scope for RADIUS, and has *always* been in scope for RADIUS. As Stefan says, it's only due to one vendors anti-competitive behaviour that we're even having this discussion. Alan DeKok. _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
