eap Mailing List: Re: [Issue 248] Comments on EAP state machine v4

[Florent Bersani (florent.bersani]

More in-line

Nick Petroni wrote:

> Protected result indications are METHOD SPECIFIC. you have not started the
>
> method at the point when your 'invalid Nak insertion' attack takes place.
> You will notice on the Peer that the methodState variable is initialized
> to NONE. Therefore, if immediately after (or before) an Identity exchange
> the attacker forges a Failure the Peer MUST accept it.
>  
Right I just came to this unfortunate conclusion in a mail I've just 
sent you :-(

> [Comment 17]
>  
>
> > > What is the issue precisely?
> > >
> > >      
> > you say to AAA that you have a response to send (aaaEspResp=TRUE) when
> > you don't (aaaRespData=NONE).
> >    
> No, you do not. YOu have a respnse *received*. 
No you don't IINM

I'm talking of Figures 6 and 7: you start in INITIALIZE move with UCT to 
SELECT_ACTION, take decision PASSTHROUGH, transition to 
INITIALIZE_PASSTHROUGH, take the transition currentId==NONE and end in 
AAA_IDLE

I don't see the response you have... but I might well be confused as it 
was the case with the transition I forgot in Figure 3 :-( & ;-)