Re: [NTISP Digest]

Dale E. Reed Jr. ( (no email) )
Fri, 28 Aug 1998 23:24:22 -0700

David Payer wrote:
> +AD4-
> +AD4-Using RADIUS to authenticate mail requests is using RADIUS for something
> +AD4-it was not designed to do. The mail package should be hitting the
> +AD4-database, not the RADIUS server.
> +AD4-
> +AD4---
> +AD4-Dale E. Reed Jr
> Dale, that is like saying HTML was never meant for graphics.

As a continuing member of the RADIUS charter and development group for
over four years, I believe I DO know what I am talking about. What part
of RADIUS development have you been that qualifies your statement?

RADIUS stands for Remote Authentication Dial In User Service. No where
in the protocl is there ANY definition or means to support
of mail users from a mail server. No mailbox attributes, no access type
attributes, not forward attributes, no alias attributes. NONE.

So I stand by my statement that using RADIUS for authenticating mail
users is using RADIUS for something is was not designed to do.

HTML was designed to show graphics. Its likely that the first
versions did not, but there were updates to the protocol to allow for
it. Another protocol based on RADIUS may provide for additional
authentication types (like mail, ftp, etc) in the future (check
out DIAMETER) but the current RADIUS definition has no hint or
intention of it.

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |