Appendix A: SG-1Vendor-Specific Attributes

June 30, 2006

user:eds-enc-key sub-attribute

The user:eds-enc-key sub-attribute contains an encryption key for EDS operation. The encryption key should be exactly 16 characters long, comprised solely of characters from the set (“0 - 9”, “a - f”, “A - F”). Every two characters in the key represent a hexadecimal byte. The bytes should be DES key legal, i.e. each containing an odd number of '1' bits. This key is being used in DES encryption and decryption of the EDS USERPASS field, and overwrites the configured EDS encryption key. The encryption key maximum length is 64 characters. This key is being used in the EDS encryption and decryption and overwrites the configured EDS encryption key. The user:eds-enc-key sub- attribute is operated in hierarchy mode and supports both user and service levels.

General:

Operation Mode: Access-Accept message

Service-Accept message

Vendor-type: 22

Vendor-length = 2 + (1-64) + attribute-name length

Format:

adc-avpair = "user:eds-enc-key=<EDS encryption key>",

Example:

adc-avpair = "user:eds-enc-key=02f804fea90102f8",

user:eds-cookie sub-attribute

The user:eds-cookie sub-attribute contains a user eds cookie data information, a string of maximum size of 64haracters. It is available to be sent by the Radius server to the system in an Access-Accept or Service-Accept messages. The system SHOULD send it unmodified to the Radius server as part of the Authentication and Accounting-Requests packets. This sub-attribute is operated in hierarchy mode and supports both user and service levels. This attribute can also be updated by the SSC (see EDS architecture document).

Operation Mode: Access-Accept message

Service-Request message

Vendor-type: 23

Vendor-length = 2 + (1-64) + attribute-name length

Format:

adc-avpair = "user:eds-cookie=<user eds cookie>",

Example:

adc-avpair = "user:eds-cookie=rt123456",

A-14

SG1-UM-8500-03

Page 172
Image 172
ADC SG-1 user manual Adc-avpair = usereds-enc-key=EDS encryption key, Adc-avpair = usereds-enc-key=02f804fea90102f8