RFC 4590

Peter Nixon listuser at peternixon.net
Tue Nov 14 09:04:45 CET 2006

On Tue 14 Nov 2006 03:25, Alan DeKok wrote:
> Peter Nixon <listuser at peternixon.net> wrote:
> > Is there any reason why "dictionary.digest" exists but is not included
> > (It should actually be called dictionary.rfc4590) and the attributes are
> > instead declared in "dictionary.freeradius.internal"?
>   dictionary.digest is a hack (defines sub-attributes).  It shouldn't
> exist.
> > I have changed dictionary.digest to dictionary.rfc4590 in the 1.1.x
> > branch but
>   Uh, oh.  That's not good.  The dictionary.digest file is *not* the
> same as what's in RFC 4590.

OK. It is NOT included yet...

> > have not included it yet. Can we clean this stuff up? I am trying to get
> > FreeRADIUS to the point where it works with SIP servers (SER etc) out of
> > the box.
>   No one has implemented RFC 4590 yet.  Plus, the RFC is wrong, as the
> attribute numbers are incorrect, and the final table of what's allowed
> where is incorrect.  It will be re-issued in a month or two.

Ahh.. That I didn't know.

>   Please don't do *anything* with RFC 4590.  It's existence is a
> figment of your imagination.  Once the updated RFC comes out, we'll
> use that.

http://www.ietf.org/rfc/rfc4590.txt ???

>   The hardest part about the digest RFC is that the attribute numbers
> it has will conflict with stupid Ascend pseudo-VSA's.  We've got to
> support both, so there's some magic required in src/lib/radius.c
>   Again, RFC 4590 doesn't exist.  Wait a few months for a fixed
> version.  Don't implement ANYTHING based on RFC 4590.



Peter Nixon
PGP Key: http://www.peternixon.net/public.asc

More information about the Freeradius-Devel mailing list