| Issue 198: Other EAP Peer SM Issues | <– Date –> <– Thread –> |
From: Bernard Aboba (aboba internaut.com)
|
|
| Date: Wed, 12 Nov 2003 10:58:16 -0600 (CST) | |
Issue 198: Other EAP Peer SM issues Submitter name: Ashwin Palekar Submitter email address: ashwinp [at] microsoft.com Date first submitted: Nov 11, 2003 Reference: http://mail.frascone.com/pipermail/public/eap/2003-November/001831.html Document: SM-01 Comment type: T Priority: S Section: 4 Rationale/Explanation of issue: The IDENTITY method is independent of the method being negotiated. How do we deal with the case where different methods require different identities? During EAP authentication sequences, the server can ask for different identities for different eap methods how does the client know which identity it is supposed to provide? clientTimeout who is responsible for setting this? Is this set per request, per eap host, or is it based on some other criteria? eapTunnelled. Who sets this? It is not clear to me. Does the SM behavior when eapTunnelled is set really correspond to that of existing tunneled methods? I don't think so. Is portEnabled condition generic enough? Can it apply to any media, such as PPP? Why do we have allowNotification condition? Whats the use case that a specific eap method turns it on/off? Or is this an EAP setting? Chapter 4.2, in methodState=Done, it says The method always continues at this point. I think it should be ends instead. This document only provides timeout and keys to application. In protocols such as PEAP, other information is also returned such as EAP TLV. So perhaps the text on interfaces between EAP and methods should be clear that this is extensible.
-
Issue 198: Other EAP Peer SM Issues Bernard Aboba, November 12 2003
- Re: Issue 198: Other EAP Peer SM Issues Yoshihiro Ohba, November 17 2003
Results generated by Tiger Technologies using MHonArc.