Tuesday, March 12, 2013< ^ >
dave mitton has set the subject to: IETF 85 RADEXT Meeting
Room Configuration
Room Occupants

[20:58:37] Alan DeKok joins the room
[21:00:09] <Alan DeKok> Audio work for you?
[21:00:12] <Alan DeKok> I can't connect
[21:04:11] S73654-TX0FB16B913 joins the room
[21:04:29] stefan.winter joins the room
[21:04:52] Rhys Smith joins the room
[21:05:22] jimsch joins the room
[21:09:16] <Alan DeKok> audio is OK for me
[21:09:48] <stefan.winter> im having trouble getting to the remote participation webiste. Does anyone have a direct URL for the stream?
[21:10:16] <Alan DeKok>
[21:11:45] <stefan.winter> perfect, thanks
[21:18:09] <stefan.winter> This is not a user identifier - when using EAP, the user identifier may well be hidden in a crypto tunnel. NAI is just what the acronym suggests: an identifier that can be used to give "someone" network access.
[21:18:18] <stefan.winter> The N is arguable with ABFAB maybe :-)
[21:34:28] Tina Tsou joins the room
[21:41:07] Dave Mitton joins the room
[21:45:14] benoit.claise joins the room
[21:48:27] benoit.claise leaves the room
[21:49:31] <Alan DeKok> some loop detection: too many proxy-state attributes in the request
[21:51:46] <jimsch> Could you potentially identify your own proxy-state attribute?
[21:55:47] <Alan DeKok> it's theoretically possible, but probably hard
[21:56:20] <stefan.winter> too many would work (packet becomes too big, or max attributes security param like in FreeRADIUS)
[21:56:52] <stefan.winter> I've seen situations where proxy-state inflation did not fix things (but crashing the server eventually "fixed" it :-) )
[21:57:19] <Alan DeKok> IMHO, there's little need for Proxy-State any more.  FR doesn't use it for anything
[21:57:54] <stefan.winter> IIRC, it doesn't have to be added?
[21:58:14] <Alan DeKok> the RFCs say it has to be added, so FR does
[21:58:21] <Alan DeKok> but it's not used for anything.
[21:58:43] <stefan.winter> ? 2865 has a 0+ in its table... but it's late here.
[21:59:12] <Alan DeKok> IIRC, even the Merit server didn't really use it.  It was added, but not verified.
[22:01:23] <stefan.winter> What many people in eduroam do is add a VSA like "Processed-By:"
[22:01:52] <stefan.winter> And then a simple check whether that attribute with the identical value is already in an incoming packet.
[22:02:04] <stefan.winter> That's pretty simple and effective.
[22:03:27] <Alan DeKok> that would work
[22:03:55] <stefan.winter> Sucks a little that its everybody's own homegrown VSA.
[22:03:59] <Alan DeKok> may be better to have a "server ID", as you may have primary / secondary servers...
[22:04:12] <stefan.winter> An RFC with an (extended) attrib specified would be much cleaner
[22:04:16] <Alan DeKok> yeah
[22:04:26] <stefan.winter> Yes, some "server name" thing might work better than IP.
[22:05:38] <stefan.winter> If I get DynDisc off my neck, I could sit down and write a really simplistic draft about it.
[22:13:10] S73654-TX0FB16B913 leaves the room
[22:19:50] <Alan DeKok> TCP and TLS are really the right answer.  We still have issues with 4K packet size.  That needs capability negotiation
[22:20:31] <stefan.winter> Cant help it... I find the fragmentation approaches a bit fragile.
[22:20:43] <Alan DeKok> yup.  it's a hack
[22:21:48] <Alan DeKok> just use HTTP if you're willing to change the equipment.  Honestly...
[22:22:15] <stefan.winter> HTTP?
[22:23:14] <Dave Mitton> yeah?  really --- but are there slides for Eduroam?
[22:23:45] <stefan.winter> I cowrote the draft, but havent seen slides. NOthing on the materials page anyway.
[22:23:47] <jimsch> He has one on the screen - but only one.  I don't know what is on the meeting materials
[22:24:51] <Alan DeKok> nothing on the materials page
[22:26:37] Rhys Smith leaves the room
[22:29:12] Tina Tsou leaves the room
[22:30:42] jimsch leaves the room
[22:32:37] Alan DeKok leaves the room
[22:33:05] stefan.winter leaves the room
[22:33:43] <Dave Mitton> Ahh --- a strategy for ending a meeting on time - schedule against the social.
[22:33:49] Dave Mitton leaves the room
[23:10:18] Tina Tsou joins the room
[23:10:44] Tina Tsou leaves the room
[23:15:15] Tina Tsou joins the room
[23:20:05] Tina Tsou joins the room
[23:22:15] Tina Tsou leaves the room
[23:22:45] Tina Tsou joins the room
[23:23:15] Tina Tsou leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!