| Issue 281: Backward compatibility problem | <– Date –> <– Thread –> |
From: Bernard Aboba (aboba internaut.com)
|
|
| Date: Tue, 16 Nov 2004 19:35:10 -0500 (EST) | |
Issue 281: Backward compatibility problem
Submitter name: Bernard Aboba
Submitter email address: aboba [at] internaut.com
Date first submitted: 11/16/2004
Reference:
Document: IDSEL-05
Comment type: T
Priority: S
Section: 2.1
Rationale/Explanation of issue
I think that there is a problem with the ABNF defined in Section 2.1.
identity-request-data = [ displayable-string ]
[ %x00 "NAIRealms=" realm-list ]
displayable-string = *OCTET
realm-list = realm /
( realm-list ";" realm )
Section 2.1 states:
"Some existing systems are known to use EAP Identity/Request messages
to send proprietary information to the peer. This proprietary
information is considered to be part of the displayable-string in the
ABNF shown above. In other words, the NUL character followed by the
NAIRealms list MUST be placed at the end."
Actually, existing implementations send information such as the
NAS-Identity *after* the NUL character. Requiring the NAIRealms list to be
sent first is therefore not backward compatible with existing
implementations.
I'd suggest that you need to change the ABNF to enable the NAI-Realms
attribute to be separated from the NUL character by text other than the
attribute
separator used by existing implementations.
-
Issue 281: Backward compatibility problem Bernard Aboba, November 16 2004
-
Re: Issue 281: Backward compatibility problem Bernard Aboba, November 16 2004
-
Re: Re: Issue 281: Backward compatibility problem Artur Hecker, November 17 2004
- Re: Re: Issue 281: Backward compatibility problem Jari Arkko, November 17 2004
-
Re: Re: Issue 281: Backward compatibility problem Artur Hecker, November 17 2004
- Re: Issue 281: Backward compatibility problem Bernard Aboba, November 30 2004
-
Re: Issue 281: Backward compatibility problem Bernard Aboba, November 16 2004
Results generated by Tiger Technologies using MHonArc.