Null character in EAP Identity
From: Artur Hecker (hecker
Date: Fri, 5 Mar 2004 12:19:02 -0500 (EST)
hello
I'm not sure this issue has already been resolved and it is perhaps just my own misunderstanding. However, your kind clarification on this matter would be greatly appreciated.
In the latest draft version (draft-ietf-eap-rfc2284bis-09.txt) in "Appendix A. Changes from RFC 2284" section it is explicitly stated that:

   o  The null character is forbidden in the Type-Data field of an
      Identity Response message, as it is in RFC 2284. <...>

Now, reading the original RFC2284 in section 3.1 Identity/Type-Data it merely states that:

   <...> The field
   MUST NOT be null terminated. The length of this field is derived
   from the Length field of the Request/Response packet and hence a
   null is not required.

So, I understand it as follows: if a typical NAS implementation follows this section of the original RFC2284, it should be capable of dealing with arbitrary Identity payloads, i.e. also with ones consisting of several Null bytes, since it would be blindly copying the whole <Length field value> characters.
The Identity string just MUST NOT be null _terminated_. I don't see where the original RFC generally prohibits the Null byte in the Identity payload, e.g. in the middle of it. Actually for me the explicit obligation to use the Length field means that Identity can carry arbitrary characters.
Would you kindly provide clarification on this matter?
Regards, artur
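
The distinction the message draws, between a field delimited by the Length field and a null-terminated string, as an added example (not part of the original message or of either RFC text): a length-based parse of an EAP Response/Identity, a check for any NUL in the Type-Data, and the shorter length a C-string consumer would see. The function names and the sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EAP_CODE_RESPONSE 2
#define EAP_TYPE_IDENTITY 1

/* Hypothetical helper: locate the Identity Type-Data using only the EAP
 * Length field. Returns 0 on success, -1 if the packet is malformed. */
int eap_identity_parse(const uint8_t *pkt, size_t pktlen,
                       const uint8_t **id, size_t *idlen)
{
    if (pktlen < 5)
        return -1;                  /* Code, Identifier, Length(2), Type */
    size_t eaplen = ((size_t)pkt[2] << 8) | pkt[3];
    if (eaplen < 5 || eaplen > pktlen)
        return -1;                  /* Length must fit the received data */
    if (pkt[0] != EAP_CODE_RESPONSE || pkt[4] != EAP_TYPE_IDENTITY)
        return -1;
    *id = pkt + 5;
    *idlen = eaplen - 5;            /* no terminator counted or expected */
    return 0;
}

/* Check for the stricter reading: no NUL anywhere in the Type-Data. */
int eap_identity_has_nul(const uint8_t *id, size_t idlen)
{
    return memchr(id, 0, idlen) != NULL;
}

/* Length a C-string consumer sees after copying the field into a
 * terminated buffer: it stops at the first embedded NUL. */
size_t eap_identity_cstr_len(const uint8_t *id, size_t idlen)
{
    char buf[256];
    if (idlen >= sizeof buf)
        idlen = sizeof buf - 1;
    memcpy(buf, id, idlen);
    buf[idlen] = '\0';
    return strlen(buf);
}

/* Constructed sample: Response/Identity, Length 15, identity "user\0realm" */
const uint8_t sample_pkt[] = { 2, 7, 0, 15, 1,
    'u', 's', 'e', 'r', 0, 'r', 'e', 'a', 'l', 'm' };
```

For the sample, the length-based parse yields a 10-byte identity while the C-string view is 4 bytes, which is the mismatch a NAS or backend must either reject or handle consistently.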