RE: Issue 204: Peer-to-peer operation
From: Bernard Aboba (abobainternaut.com)
Date: Wed, 26 Nov 2003 11:36:12 -0600 (CST)
> [Joe] OK, sorry to be playing catch up, so the possibility is that the
> Peer has not had its policy satisfied so it will not open its port, but
> the authenticator may not have any way to know this since it may have
> considered its policy complete.  It would seem that in this case the
> peer would then want to reverse roles and authenticate the previous
> authenticator.  Can't this be signaled in 802.1x?

The authenticator originates EAP authentication and then it offers access
to the peer, or it doesn't.  It might like to send some packets to the
peer, in which case it is interested in whether the peer has accepted the
access it offered, but it may not know that.  If so, then it could send an
EAP-Start to the peer, to signal the peer that it would like to start an
authentication in the other direction.  So it's not a big deal, really.

The point (for RFC 2284bis at least) is just to describe the situation in
Section 2.4, Peer-to-peer operation.  I think that some changes may be
required in the EAP SM to allow the signals to be passed to the lower
layer though.
