WBA/IETF Connect-Info Implementation under way

[Alan DeKok]

On Oct 7, 2025, at 6:59 PM, Joey Padden <jpadden at helium.com> wrote:
> One further question here, why in your view is a new VSA better than using Connect-Info? Connect-Info seems to me to have limited information and usefulness with just WFA-GEN-NAME typically seen today from many vendors.

  I won't answer for Jouni, but I'll give my $0.02

  RFC 6158 explains in detail why complex structures are worse than normal attributes.  In the interest of brevity, I won't repeat those here.

  Given Jouni's comments, my suggestion is to submit patches to export this information as VSAs.  That is likely to be accepted into hostap, and at the least isn't wrong.

  It could then be possible to submit a final patch to collate that information into one Connect-Info attribute.  Jouni can then accept it, or not.

  But once the VSAs are in, it's trivial to modify any RADIUS server to parse the VSAs, and/or turn the VSAs into the Connect-Info string as per the draft.

  So I do support the draft, but I also agree that VSAs are generally the preferred approach.  The approach outlined above should get the best of both worlds.

  Alan DeKok.