On Nov 13, 2009, at 3:51 AM, Brian Rosen wrote:
> On the discussion of HELD identity, I thought I heard a more
> definitive
> consensus on LCP use. What I thought I heard was no LCP use in this
> version. I understood Martin to agree to this as a "better part of
> valor"
> kind of thing to get the draft moving.
>
[AJW] There are very clear examples where the LCP does work and is useful, we will highlight these in the draft. In WiMAX for example the IP address return routability is allowed, but there is no explicit way to interrogate the RADIUS server using IP address, there is for NAI. If you query using NAI you will get out of the RADIUS server the IP address assigned to that NAI, along with a bunch of other things including the WiMAX-session-id that is the identifier used in the ASN to identify the device. This is a real world case, and it can really only work as currently defined if the NAI is provided by the Target in a LCP case.
I don't see a away to turn this into a third-party request, and it is a legitimate usage for LCP that is verifiable. So I am absolutely NOT OKAY with restricting identity extensions to third-party only requests! I might be okay with restricting it only those identifiers that we can provide a verifiable usecase for. The question then comes about whether these use cases go into the body or whether they are normative appendices.
Cheers
James
> What did we decide (as always, subject to list discussion)? There
> was no
> hum of course.
>
> I am good with this. I thought I had a use (Gateway from PSTN
> switch using
> telephone number as identity), but the room response was "that's a
> 3rd party
> use". I am okay with that call.
>
> Brian
>
_______________________________________________
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
