Re: [Dime] I-D Action:draft-ietf-dime-realm-based-redirect-01.txt

[Mark Jones <Mark.Jones at bridgewatersystems.com>]

Hi Tom,

I was expecting a stronger statement on advertisement at the application level, e.g.

"Because realm-based redirection is not part of base Diameter behaviour, support for realm-based redirection by the peers MUST be advertised at the application level."

I don't see how the feature works reliably otherwise and punting the risk evaluation to the service provider seems inappropriate for a feature likely to used on inter-service-provider interfaces.

Regards
Mark


> -----Original Message-----
> From: Tom Taylor [mailto:tom.taylor at rogers.com] 
> Sent: October 6, 2009 2:01 PM
> To: Mark Jones
> Cc: dime at ietf.org
> Subject: Re: [Dime] I-D 
> Action:draft-ietf-dime-realm-based-redirect-01.txt
> 
> I'm proposing in response to your concern on advertisement to 
> add the following 
> section to the document. Does this meet the requirements?
> 
> <section anchor="applic" title="Applicability Statement">
> 
> <t>Because realm-based redirection is not part of base 
> Diameter behaviour, 
> support for realm-based redirection by the client cannot be 
> guaranteed without 
> advertisement at the application level. Designers of new 
> applications MAY wish 
> to incorporate a requirement to support realm-based 
> redirection through 
> normative reference to this document.</t>
> 
> <t> An erstwhile service provider who deploys realm-based 
> redirection without 
> support from advertisement imposes a risk upon clients that 
> they are unable to 
> complete requests for the service concerned because, thanks 
> to prevailing local 
> policies, they have not derived alternative routes to other 
> domains that can 
> support the service. The decision to impose such a risk and 
> the administrative 
> actions that providers may take to mitigate this risk are 
> based on non-technical 
> considerations and are therefore out of scope of this document. </t>
> 
> </section><!-- applic -->
> 
> 
> Mark Jones wrote:
> > The use case I had in mind when I made the comment in the 
> DIME session was a wholesaler for AAA that was previously 
> offering service for a given realm but the AAA service is now 
> being provided by a new wholesaler.
> > 
> > So the old wholesaler would use the redirect realm AVPs with:
> >    Redirect-Realm = <realm of new wholesaler>
> >    Redirect-Realm-Usage = ALL_REALM
> > 
> > The other question I had on this draft was how one 
> advertises support for the realm redirect functionality. I 
> understand from Tom's presentation that nothing too bad 
> happens on the client if it does not support these AVPs but 
> the intended redirect did not happen either and the 
> redirecting server is unaware of the error. The way new 
> functionality (i.e. beyond base functionaltiy) is advertised 
> in Diameter is through the use of application ids in CER/CEA 
> exchanges. If new applications require redirect realm 
> functionaltiy, I would expect the specifications for these 
> new applications to state this dependency and include a 
> normative reference to the redirect realm draft. I think the 
> redirect realm draft should clarify this because redirect 
> realm is not base functionality.
> > 
> > Regards
> > Mark
> > 
> > ________________________________________
> > From: dime-bounces at ietf.org [dime-bounces at ietf.org] On 
> Behalf Of Sebastien Decugis [sdecugis at nict.go.jp]
> > Sent: Thursday, July 30, 2009 3:24 PM
> > To: Tom Taylor
> > Cc: dime at ietf.org
> > Subject: Re: [Dime] I-D 
> Action:draft-ietf-dime-realm-based-redirect-01.txt
> > 
> > Ok, I did not get that, sorry :) Just ignore my comment then.
> > 
> > Thanks,
> > Sebastien.
> > 
> > Tom Taylor a écrit :
> >> No difference, but didn't we say in the meeting we preferred not to
> >> overload Redirect-Host-Usage?
> >>
> >> Sebastien Decugis wrote:
> >>> Hi,
> >>>
> >>> Just quickly going through the new draft revision, I did 
> not find any
> >>> difference between Redirect-Host-Usage (RFC3588) and the new
> >>> Redirect-Realm-Usage being defined. I am just wondering 
> if the content
> >>> is the same, if we cannot just re-use the Redirect-Host-Usage AVP?
> >>> Please let me know (and pardon me) if I did miss a subtle 
> difference :)
> >>>
> >>> My 2 cents,
> >>> Sebastien.
> >>>
> >>>
> >>> Tom Taylor a écrit :
> >> ...
> >>
> > _______________________________________________
> > DiME mailing list
> > DiME at ietf.org
> > https://www.ietf.org/mailman/listinfo/dime
> > _______________________________________________
> > DiME mailing list
> > DiME at ietf.org
> > https://www.ietf.org/mailman/listinfo/dime
> > 
>