Authorize Only RFC 3576 What are the semantics of the Access-Accept (Authorize-Only): Must it be complete. That is: Should it contain all the attributes about the session? Or just some of the attributes? COA message (PUSH) is very clear: if the attribute exists in the COA message it overwrites all previously sent attributes; if its not in the COA message it remains unchanged. |