Issue 290: State Tracking
From: Bernard Aboba (aboba [at] internaut.com)
Date: Sat, 19 Feb 2005 14:59:04 -0500 (EST)
Submitter name: Bernard Aboba
Submitter email address: aboba [at] internaut.com
Date first submitted: 2/18/2005
Reference:
Document: IDSEL-08
Comment type: T
Priority: S
Section: 2
Rationale/Explanation of issue

There are paragraphs in the latest version of the draft which change the
behavior of AAA proxies:

"  The EAP authenticator MAY send an identity hint to the peer in the
   initial EAP-Request/Identity.  If the identity hint is not sent
   initially (such as when the authenticator does not support this
   specification), then if the local AAA proxy implementing this
   specification receives an EAP-Response/Identity with an unknown
   realm, it SHOULD reply with an EAP-Request/Identity containing an
   identity hint.

   If after the local AAA proxy sends an EAP-Request/Identity containing
   an identity hint, the peer responds with an EAP-Response/Identity
   containing an unknown realm, then the local AAA proxy MAY respond
   immediately with an EAP Failure packet, or it MAY first send an
   EAP-Notification providing the reason for the failure."

I think the document needs to suggest how the above changes can be
implemented without requiring RADIUS proxies to keep state.  For example,
use of the State attribute might be mentioned.
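
One way a proxy could follow the suggestion above without keeping per-session state, shown as an added example that is not part of the original message or of the draft: the proxy records "identity hint already sent" in an HMAC-protected RADIUS State value, which the NAS echoes unchanged in the next Access-Request. The key, realm list, token layout, 30-second lifetime, Calling-Station-Id binding and action names are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# All values below are constructed for illustration (assumptions, not from the draft).
PROXY_KEY = b"constructed-demo-key"      # secret known only to the proxy
KNOWN_REALMS = {"example.com", "isp.example"}
MAX_AGE = 30                             # seconds a State token stays valid
TOKEN_LEN = 5 + 16                       # flag + timestamp, then truncated HMAC

def _tag(body, calling_station_id):
    # Bind the token to the session so it cannot be replayed from another peer.
    msg = body + calling_station_id.encode()
    return hmac.new(PROXY_KEY, msg, hashlib.sha256).digest()[:16]

def make_state(calling_station_id, now):
    """Build the State value sent with the EAP-Request/Identity hint."""
    body = struct.pack("!BI", 1, int(now))   # 1 = identity hint already sent
    return body + _tag(body, calling_station_id)

def hint_already_sent(state, calling_station_id, now):
    """True only for an authentic, fresh token issued for this session."""
    if state is None or len(state) != TOKEN_LEN:
        return False
    body, tag = state[:5], state[5:]
    if not hmac.compare_digest(tag, _tag(body, calling_station_id)):
        return False
    flag, issued = struct.unpack("!BI", body)
    return flag == 1 and 0 <= now - issued <= MAX_AGE

def handle_identity_response(identity, state, calling_station_id, now):
    """Return (action, new_state) for an EAP-Response/Identity."""
    _, sep, realm = identity.rpartition("@")
    if sep and realm.lower() in KNOWN_REALMS:
        return ("forward", None)
    # Unknown realm (a missing realm is treated as unknown here, an assumption).
    if hint_already_sent(state, calling_station_id, now):
        return ("eap-failure", None)         # second miss after a hint
    return ("send-identity-hint", make_state(calling_station_id, now))
```

A forged, expired or mismatched State value is treated the same as no State at all, so the worst outcome of tampering is that the hint is sent again.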