| RE: Issue 174: Mandatory to Implement | <– Date –> <– Thread –> |
From: Walker, Jesse (jesse.walker intel.com)
|
|
| Date: Sun, 14 Sep 2003 21:52:07 -0500 (CDT) | |
The right thing to do is to replace MD5 challenge as the mandatory-to-implement method. This will cause problems--it always does--but that's just how it is. To serve the future EAP must cut ties that are holding it in the past. > > It seems wasteful to require an EAP peer to implement the > > EAP MD5-Challenge method, even in situations (such as > > IEEE 802.11i) where mutual authentication is required. Can > > we relax this requirement? > > The obvious problem is that this leaves EAP as essentially an empty > framework, removing the basis for any but purely formal > interoperability. In addition, since AFAIK 802.11i doesn't > specify any > EAP method as mandatory (relying instead upon RFC 2284), it > leaves them > in the same boat. Is this really desirable?
- RE: Issue 174: Mandatory to Implement, (continued)
- RE: Issue 174: Mandatory to Implement Bernard Aboba, September 12 2003
- RE: Issue 174: Mandatory to Implement Glen Zorn, September 12 2003
Results generated by Tiger Technologies using MHonArc.