Re: [PATCH] Rework the Acct-Session-Id and Acct-Multi-Session-Id implementation to give better global and temporal uniqueness.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Just to note that this patch should be considered in conjunction with
the subsequent, dependent patch that adds an Acct-Session-Id to
Accounting-On and Accounting-Off, which the RFC mandates must be
present.

The RADIUS RFC shows its age and does not demand global and temporal
uniqueness for its session ids but this is something that can and
should be done by RADIUS clients as these are opaque tokens. There is
no reason not to do this, and there are many reasons why this should
be done.

RFC 3580 is also in error in its suggested construction for the
Acct-Multi-Session-Id as it is possible to get duplicate values when
NTP sync has not occurred. Its recommendation should not be followed
as it is bad practice.

Nick

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux