To:
ietf-provreg@cafax.se
From:
"Liu, Hong" <Hong.Liu@neustar.biz>
Date:
Mon, 5 Aug 2002 14:14:44 -0500
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: Login Failure and Sessions
Scott, I understand your concerns, but the retrial number N is really a configuration parameter. It is not unusual to leave this type of parameters for run-time configuration, take the windowing protocol as an example. The size of the window is not fixed in the spec. It may help, though, to give guidelines to selecting an appropriate value of N in the spec. --Hong -----Original Message----- From: Hollenbeck, Scott [mailto:shollenbeck@verisign.com] Sent: Monday, August 05, 2002 12:40 PM To: 'Liu, Hong'; ietf-provreg@cafax.se Subject: RE: Login Failure and Sessions > I agree with Patrick that this is a server policy issue. The > protocol should > not specify the exact value of N. If so, then we have a protocol with a non-deterministic state diagram. The state of the server WRT to login failures ends up being implementation-dependent, and I think this is going to get us in trouble with the IESG *. -Scott- * I say this because I've been told by our AD that we need a state diagram in the specs, and I can't draw such a diagram if I can't document how the server behaves when it has to deal with a client authentication failure. I'm open to suggestions as to how this kind of implementation choice might be described in a state diagram...