eap Mailing List: Re: EAP pre-authentication, EAP re-authentication, etc.

[Bernard Aboba (bernard_aboba]

Yes, it should probably be:

EAP re-authentication
The completion of EAP authentication between a peer and a server
with whom the EAP peer shares valid unexpired keying material.

> From: "Alper Yegin" <alper.yegin [at] yegin.org>
> To: "'Bernard Aboba'" <bernard_aboba [at] hotmail.com>,<eap [at] frascone.com>
> Subject: RE: [eap] EAP pre-authentication, EAP re-authentication, etc.
> Date: Mon, 2 Oct 2006 09:52:23 +0300
>
>
> > EAP re-authentication
> > The completion of EAP authentication between a peer and an authenticator
> > with whom the EAP peer shares valid unexpired keying material.
>
> Yes, this looks good taking into account "the authenticator."
>
> How about "the authentication server?" Completing of a new EAP
> authentication with the authentication server while the two are still
> sharing an unexpired EMSK could also be considered "re-authentication". 
> This
> is not related to the authenticator at all (i.e., it may or may not be a
> re-authentication with the authenticator).
>
> Are we only interested in re-authentication with respect to the
> authenticators?
>
> Alper