eap Mailing List: EAP-SIM and EAP-AKA

[henry.haverinen (henry.haverinen]

Hi everyone,

We have submitted new versions of EAP-SIM and EAP-AKA
to the IETF directiories. The drafts are 
draft-haverinen-pppext-eap-sim-13.txt and 
draft-arkko-pppext-eap-aka-12.txt, and we will also
send these versions to the RFC editor and request 
publication as informational RFCs. 

These versions are technically compatible with 
implementations of previous versions. Many thanks to those 
who contributed and helped with these draft versions. 
Special thanks to Greg Rose and Florent Bersani.

Changes:

- resolutions to Greg Rose's and Florent Bersani's comments,
as discussed in this mailing list

- new optional protected success indications. Their use is
negotiated with the skippable AT_RESULT_IND attribute. 

- new specification for behaviour in failure cases, and the
processing of EAP-Failure. Basically explicit EAP-SIM or EAP-AKA
messages are used in all error cases. Two new notification codes 
for general failure cases. These changes may cause implementations
of old and new draft versions to fail differently, and some
failure cases may result in a timeout. In any case, failed exchanges
will eventually result in failure at both ends, so no real 
compatibility problems are caused by this change.

- the usage of AT_COUNTER for replay protection of notifications,
when notifications are used in fast re-authentication

- clarifications on the encoding of the permanent username

- clarifications on the usage of fast re-authentication identities

- IPR statement removed because the xml template generates another one

- clarifications on the IANA considerations

- fixed bugs in EAP-SIM example packets

- clarifications on the attribute processing order 

- updated security claims

- new informative text to explain the rationale for the
fast re-authentication protocol design

- a lot of formatting changes because of the use of XML

- editorials

Henry