RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 2866, "RADIUS Accounting", June 2000

Source of RFC: radius (ops)

Errata ID: 4487
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Nick Lowe
Date Reported: 2015-09-29
Rejected by: Benoit Claise
Date Rejected: 2015-10-05

Section 5.5 says:

Acct-Session-Id

   Description

      This attribute is a unique Accounting ID to make it easy to match
      start and stop records in a log file.  The start and stop records
      for a given session MUST have the same Acct-Session-Id.  An
      Accounting-Request packet MUST have an Acct-Session-Id.  An
      Access-Request packet MAY have an Acct-Session-Id; if it does,
      then the NAS MUST use the same Acct-Session-Id in the Accounting-
      Request packets for that session.

      The Acct-Session-Id SHOULD contain UTF-8 encoded 10646 [7]
      characters.

It should say:

Acct-Session-Id

   Description

      This attribute is a globally unique Accounting ID to make it easy
      to match start and stop records in a log file.  The start and stop
      records for a given session MUST have the same Acct-Session-Id.
      An Accounting-Request packet MUST have an Acct-Session-Id.
      An Access-Request packet MAY have an Acct-Session-Id; if it does,
      then the NAS MUST use the same Acct-Session-Id in the Accounting-
      Request packets for that session.

      The Acct-Session-Id SHOULD contain UTF-8 encoded 10646 [7]
      characters.

Notes:

A very common implementation fault in RADIUS clients that perform accounting is that Acct-Session-Ids are observed to be reused after a NAS is rebooted or are only unique only in the scope/context of a NAS.

The RFC does not explicitly state the scope of uniqueness and it must be clarified to state that Acct-Session-Ids are expected to be globally unique. I believe this to be the original, implicit intent of the author.

This is necessary because the ambiguity causes substantial implementation issues today.

See: http://freeradius.org/radiusd/man/rlm_acct_unique.txt

An ideal Acct-Session-Id would have the properties of a GUID/UUID.
--VERIFIER NOTES--
As summarized by Nick:


It looks like the Acct-Session-Id and Acct-Multi-Session-Id errata
both will and should be rejected on the grounds that they would
constitute technical changes based on the original intent of the RFC,
which we now know. That does make sense and would be a reasonable
course of action now that that's known.

I am pleased that I have engendered a discussion on what I believe to
be a pertinent issue here. Alan has commented that he feels another
RADIUS fixes RFC would be sensible. I agree with that course of
action.

Thanks for all your time here!

Regards,

Nick

Report New Errata