RE: Issue 189: Handling of the identity response
From: John Vollbrecht (jrvumich.edu)
Date: Tue, 4 Nov 2003 12:39:30 -0600 (CST)

--On Friday, October 31, 2003 2:50 PM -0800 Joseph Salowey <jsalowey [at] cisco.com> wrote:


>
> The first case - where the method uses the Identity Response data from the
> previous request as an identity does not seem right.  In thinking about it
> I am not sure it actually happens in any implementations [as opposed to
> selecting the method instance based on the Response Data].

[Joe] I was under the impression that EAP-OTP required the identity.

They do require an identity, but it is not clear it is the EAP identity response but the identity as processed by the NAS and (if necessary) inserted in the RADIUS identity attribute. I think this is the same as MD5.

This is a bit fuzzy, and I seem to recall some conversation about this. However, I don't see how it would work if, for example, something like Broker/joe [at] company.com were used. Certainly the user would not understand "Broker".

-- John

