>>>>> "Stefan" == Stefan Paetow <[log in to unmask]> writes:
Stefan> first paragraph of Section 2.1, Chargeable-User-Identity attribute,
Stefan> explicitly forbids any changes outside the home organisation,
Stefan> although, as you pointed out, there is no technical way to prevent
Stefan> that. Additionally, Section 6 (Security Considerations) points out the
Stefan> technical deficiency, but again reiterates the requirement that the
Stefan> CUI may not change in transit.
However the RFC also encourages home organizations to frequently change
the CUI.
|