eap Mailing List: RE: Re: Rewrite of Section 2 of the EAP Key Management Framework

[Salowey, Joe (jsalowey]

>> Hi Bernard,
>> 
>> I think in general this looks pretty good.  I have some comments and
>> questions: 
>> 
>> Section 2.3
>> 
>> - In paragraph 4 it states
>> 
>> "In either case, it can be assumed that the parties do not utilize
>> the link to exchange data traffic unless their authentication
>> requirements have been met." 
>> 
>> Is there a reason why it is useful to assume this?  I'm not sure that
>> it needs to be true (although I agree that it often is).
>> 
>> 
> I think it is a simplifying assumption that at least for me
> clarifies what the situation is when parties utilize the link
> for data traffic. But let me turn this around:
> can you cite an example where it would be useful to NOT assume this?
> 
[Joe] When there is no ciphering there are cases where some traffic
maybe allowed on the link before authentication is complete.  This could
also be possible in the ciphering case that the peer and authenticator
could allow certain types of traffic on the link, but I don't know any
off hand.  The text is probably OK as it is.