RADEXT WG RADIUS Attribute Guidelines Greg Weber March 21st, 2006 IETF-65, Dallas v1 draft-weber-radius-attr-guidelines-02.txt draft-wolff-radext-ext-attribute-00.txt

Presentation transcript:

RADEXT WG RADIUS Attribute Guidelines Greg Weber March 21st, 2006 IETF-65, Dallas v1 draft-weber-radius-attr-guidelines-02.txt draft-wolff-radext-ext-attribute-00.txt

2 RADIUS Attribute Guidelines

WG Charter Item:

“RADIUS design guidelines. This document will provide guidelines for design of RADIUS attributes. It will specifically consider how complex data types may be introduced in a robust manner, maintaining backwards compatibility with existing RADIUS RFCs, across all the classes of attributes: Standard, Vendor-Specific and SDO-Specific. In addition, it will review RADIUS data types and associated backwards compatibility issues.”

- Milestone: Oct ’06 completion
- Originally Dec ’04

[Timeline figure, monthly axis over two years. Milestones: WG LC1, IESG Submissions. Draft Revisions: Guide-00, Guide-01, Guide-02, ExtAttr-00]

3 RADIUS Attribute Guidelines

- draft-weber-radius-attr-guidelines-02.txt
- draft-wolff-radext-ext-attribute-00.txt
- draft-evbergen-radext-extended-attribute-02.txt
- Aimed at charter item
- The Guidelines draft collects data points from early radius-ext threads: current behavior, solution scope, and guidelines
- The Wolff draft proposes a Diameter-based encoding
- The Van Bergen draft proposes a RADIUS-like tagging mechanism
- Have you read the drafts? :-)

4 RADIUS Attribute Guidelines

Motivation – why do we need guidelines?

- Divergent data models
- Attribute space exhaustion
- Diameter alignment

5 RADIUS Attribute Guidelines

Data Model

- Two attribute spaces: standard & vendor
- Small number of data types
- Consistent TLV payload use enables:
  - interoperability, intermediate nodes (proxies)
  - simple implementation: attributes can be added without new parsing code
- Many exceptions

[Figure: Simple TLV]

6 RADIUS Attribute Guidelines

Data Model Alignment

- Vendor space somewhat varied :-)

[Figure: vendor attribute usage relative to Simple TLV. Labels: GROUPING, COMPACT, SHARED, COMPLEX DATA, ENCRYPT, FRAGMENT; Tags, 3GPP VSAs, 3GPP2, Vendor, 3GPP2, Microsoft, Packet Cable, Vendor]

7 RADIUS Attribute Guidelines

Scope

- Backwards compatibility
  - Intermediate nodes
  - Dictionary based implementations
  - Unaware endpoints
- Existing VSA usage
- Transport Impact
- Non-AAA applications
- Diameter compatibility

8 RADIUS Attribute Guidelines

New Section 7: new attributes SHOULD comply with the attribute design guidelines given in RFC 2865 unless one or more of the following applies:

- The standard attribute space for new attributes has been exhausted.
- The proposed maximum attribute length exceeds that available for attributes specified by RFC
- The native data type of the data element is defined for Extended attribute, but not standard RADIUS, e.g. Integer64.
- Logical grouping is required.

In the cases above, it is RECOMMENDED that the extended attribute encoding specified by the Wolff draft be used.

9 RADIUS Attribute Guidelines

Further recommendations:

- The Vendor-Specific Enumeration (VSE) encoding mechanism as proposed by Section of RFC 2882 SHOULD NOT be used. Instead, vendors should comply with the recommendations of RFC
- Per-attribute encryption mechanisms other than specified by RADIUS standards SHOULD NOT be used.
- The message lengths specified by RADIUS standards MUST NOT be exceeded.
- Variable attribute content SHOULD NOT be specified. Separate attributes SHOULD be defined instead.
- SDOs are RECOMMENDED to use the standard attribute space for attributes that are intended to be supported by multiple vendors.

10 RADIUS Attribute Guidelines

From the Wolff draft: Four distinct types of syntax

- Abstract syntax
  - First & most important – what information is to be represented?
- Display syntax
  - How the info is presented to a human; also useful for inter-application transfer
- Transfer syntax
  - Bits on the wire; derived from Abstract syntax, not vice versa!
- Internal syntax
  - Implementation determined, nobody else’s business

11 RADIUS Attribute Guidelines

Criteria for evaluating extended attribute format

- Top priorities
  - Remove 255 limit on attribute type number
  - Remove 253 limit on attribute value length
  - Support rich set of standard attribute value types
  - Support grouping
  - Easy transition of attributes from VSA to standard
- Mid priorities
  - Ease of gatewaying to Diameter
  - Support multi-level (nested) grouping
  - M-bit (mandatory attributes) build on / re-use existing work
- Low priorities
  - Minimal attribute header size
  - Elegance, alas

12 RADIUS Attribute Guidelines

From the Wolff draft: Advantages of a Diameter-based encoding

- Satisfies all top & mid priority criteria
- All new RADIUS features need Diameter spec too; minimizes author work
- Grouped sub-attributes are together in specified order, making validation & display straightforward

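13 RADIUS Attribute Guidelines

Diameter AVP header:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                           AVP Code                            |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |V M P r r r r r|                  AVP Length                   |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        Vendor-ID (opt)                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |    Data ...
    +-+-+-+-+-+-+-+-+

- Larger code & length fields
- Optional Vendor-ID
- M-bit
- More standard data types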
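The header layout on slide 13, as an added example that is not from the slides or the drafts: a Python encoder and bounds-checked parser for the Diameter AVP header as defined in RFC 3588, next to the classic RADIUS TLV whose 255 and 253 limits slide 11 wants removed. AVP code 70000, Vendor-ID 9999 and the payloads are constructed sample values.

```python
import struct

FLAG_V, FLAG_M, FLAG_P = 0x80, 0x40, 0x20  # Vendor, Mandatory, Protected bits


def encode_avp(code, data, mandatory=False, vendor_id=None):
    """Build one AVP: 4-byte code, 1-byte flags, 3-byte length, optional Vendor-ID."""
    flags = (FLAG_M if mandatory else 0) | (FLAG_V if vendor_id is not None else 0)
    hdr_len = 12 if vendor_id is not None else 8
    length = hdr_len + len(data)              # AVP Length excludes padding
    if length > 0xFFFFFF:
        raise ValueError("AVP too long for the 24-bit length field")
    out = struct.pack("!II", code, (flags << 24) | length)
    if vendor_id is not None:
        out += struct.pack("!I", vendor_id)
    return out + data + b"\x00" * (-len(data) % 4)   # pad to a 32-bit boundary


def parse_avps(buf):
    """Parse concatenated AVPs, rejecting lengths that under- or overrun the buffer."""
    avps, off = [], 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, word = struct.unpack_from("!II", buf, off)
        flags, length = word >> 24, word & 0xFFFFFF
        hdr_len = 12 if flags & FLAG_V else 8
        if length < hdr_len or off + length > len(buf):
            raise ValueError("AVP Length inconsistent with buffer")
        vendor = struct.unpack_from("!I", buf, off + 8)[0] if flags & FLAG_V else None
        avps.append({"code": code, "vendor_id": vendor,
                     "mandatory": bool(flags & FLAG_M),
                     "data": buf[off + hdr_len:off + length]})
        off += length + (-length % 4)         # skip padding to the next AVP
    return avps


def radius_tlv(attr_type, value):
    """Classic RADIUS attribute for contrast: 1-byte type, 1-byte length."""
    if not 0 < attr_type <= 255 or not 1 <= len(value) <= 253:
        raise ValueError("does not fit a standard RADIUS attribute")
    return bytes([attr_type, len(value) + 2]) + value


if __name__ == "__main__":
    # Constructed sample: a short mandatory AVP, then a vendor AVP with a 300-byte value.
    buf = encode_avp(1, b"bob", mandatory=True) + encode_avp(70000, bytes(300), vendor_id=9999)
    for avp in parse_avps(buf):
        print(avp["code"], avp["vendor_id"], avp["mandatory"], len(avp["data"]))
```

The length checks in `parse_avps` are the part an intermediate node needs before forwarding or acting on an attribute it does not otherwise understand.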

14 RADIUS Attribute Guidelines

Issues addressed by the Wolff draft:

- Extended-Space attribute encaps extended attributes
- Diameter-based AVP encoding
- EAP-Message like concatenation
- Alignment & padding
- Additional data types
- M-bit support

Questions:

- Extended attributes in Access-Reject?
- Range of Diameter code points?