Hi RFC 2865 authors, OPSAWG, I think that this errata may be valid, but given the age of the RADIUS protocol, and the fact that I'm not familiar with it and this is a change to the protocol, then I'm somewhat concerned with verifying this errata, and hence I propose to move it to "Held for Document Update".
Does anyone have any comments on this proposed resolution? Regards, Rob > -----Original Message----- > From: RFC Errata System <[email protected]> > Sent: Saturday, April 2, 2022 6:23 PM > To: [email protected]; [email protected]; [email protected]; > [email protected]; [email protected]; Rob Wilton (rwilton) > <[email protected]> > Cc: [email protected]; [email protected] > Subject: [Technical Errata Reported] RFC2865 (6915) > > The following errata report has been submitted for RFC2865, > "Remote Authentication Dial In User Service (RADIUS)". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid6915 > > -------------------------------------- > Type: Technical > Reported by: Oleg Pekar <[email protected]> > > Section: 5 > > Original Text > ------------- > The Value field is zero or more octets and contains information > specific to the Attribute. > > Corrected Text > -------------- > The Value field is one or more octets and contains information > specific to the Attribute. > > Notes > ----- > Section "5. Attributes" is ambiguous when it talks about the attribute value > size: > > First it says: "The Value field is zero or more octets", then it provides 5 > possible value data types none of which allows a zero length value. For 'text' > type it says: "Text of length zero (0) MUST NOT be sent; omit the entire > attribute instead" and the same for 'string' type. > > Section "5.26. Vendor-Specific" also says about the value of a vendor-specific > attribute "The String field is one or more octets". > > Thus the RFC allows empty values for attributes in general but prohibits for > any declared types of the attributes. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC2865 (draft-ietf-radius-radius-v2-06) > -------------------------------------- > Title : Remote Authentication Dial In User Service (RADIUS) > Publication Date : June 2000 > Author(s) : C. Rigney, S. Willens, A. Rubens, W. Simpson > Category : DRAFT STANDARD > Source : Remote Authentication Dial-In User Service > Area : Operations and Management > Stream : IETF > Verifying Party : IESG _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
