| Re: Issue 199: Full authenticator SM issue | <– Date –> <– Thread –> |
From: Jari Arkko (jari.arkko piuha.net)
|
|
| Date: Wed, 12 Nov 2003 13:23:02 -0600 (CST) | |
Ashwin Palekar wrote:
Yes.
--Jari
This is the case where EAP is forwarded to first RADIUS server; which tries to negotiate EAP methods with peer. If the client NAKs all the EAP methods proposed, the first RADIUS server forwards it to yet another RADIUS server.
Yes.
I have looked at the state machine again, and now I believe it does not support this (and that is OK).
The way that I read the state machines is that the full machine is for the NAS that either does the authentication itself or forwards it to a RADIUS server. But the RADIUS server side should follow only the backend machine. And the backend machine does not have a transition to send the authentication somewhere else. Pasi, John, & co -- is this your interpretation too?
--Jari
-
Issue 199: Full authenticator SM issue Bernard Aboba, November 12 2003
- Re: Issue 199: Full authenticator SM issue Jari Arkko, November 12 2003
-
RE: Issue 199: Full authenticator SM issue Ashwin Palekar, November 12 2003
- Re: Issue 199: Full authenticator SM issue Jari Arkko, November 12 2003
- Re: Issue 199: Full authenticator SM issue Yoshihiro Ohba, November 12 2003
- Re: Issue 199: Full authenticator SM issue Yoshihiro Ohba, November 12 2003
-
RE: Issue 199: Full authenticator SM issue Pasi.Eronen, November 19 2003
- RE: Issue 199: Full authenticator SM issue Nick Petroni, November 19 2003
Results generated by Tiger Technologies using MHonArc.