eap Mailing List: Proposed Resolution to Issue 326: Identifiers

[Bernard Aboba (bernard_aboba]

The text of Issue 326 is enclosed below.  The proposed resolution is as 
follows:

In Section 1, change:

"The combination of the Peer-ID and Server-ID uniquely specifies the
endpoints of the EAP method exchange."

To:

"The combination of the Peer-ID and Server-ID may uniquely specify the
endpoints of the EAP method exchange when they are provided."

--------------------------------------------------------------------------------------------------------
Issue 326: Identifiers
Submitter name: Joe Salowey
Submitter email address: jsalowey [at] cisco.com
Date Submitted: December 1, 2005
Reference:
Document: Keying-08
Comment type: T
Priority: 1
Section: 1
Rationale/Explanation of issue:

"  EAP methods also MAY export method-specific peer and server
  identifiers (peer-ID and server-ID), a method-specific EAP
  conversation identifier known as the Method-ID, and the lifetime of
  the exported keys, known the Key-Lifetime.   EAP methods MAY also
  support the import and export of Channel Bindings.  New EAP method
  specifications MUST define the Peer-ID, Server-ID and Method-ID. The
  combination of the Peer-ID and Server-ID uniquely specifies the
  endpoints of the EAP method exchange."

It seems that additional data associated with the identity should be
exported to satisfy section 1.3.  Suggestion is to add this and call
them identity attributes.

In this paragraph it states that the "Peer-ID and Server-ID uniquely
specifies the  endpoints of the EAP method exchange", however further down 
it states
that these quantities may be null.  This is contradictory.  Suggested
modification to above text:

"The combination of the Peer-ID and Server-ID may uniquely specify the
endpoints of the EAP method exchange if the method supports unique IDs."