Yes, the new Realm assigned in the Initial Exchange should be used already during the Waiting Exchange and Completion Exchange. As part of the editorial improvements in draft-06, I edited the specification to be clearer on this point.
The reason is better compatibility with roaming implementations, which are not part of the EAP-NOOB protocol but may want to work with it. If the Initial Exchange takes place while roaming, some external mechanism is needed to route the Initial Exchange, where the peer uses the default Realm, from the foreign AAA to the peer's intended home AAA. Since the realm is assigned in the Initial Exchange and taken into use immediately, the AAA routing will work normally for the subsequent Waiting and Completion Exchanges, and the same external mechanism is not needed there. That is, it is easier for foreign network to support Initial Exchange for roaming peer devices. The use case for such roaming support in eduroam was brought forward by Josh Howlett and Rhys Smith. Tuomas -----Original Message----- From: Emu <emu-boun...@ietf.org> On Behalf Of Eduardo Inglés UM Sent: Thursday, June 20, 2019 1:20 PM To: emu@ietf.org Subject: [Emu] Implementing EAP-NOOB in Contiki - Use of the Realm assigned by the server? Importance: High Hello all, During the IETF 104 Prague I told you that I am implementing EAP-NOOB in Contiki. During the process I have had few issues that I will send in separate emails for clarifications in the coming weeks. I like the way EAP-NOOB allows the server to send a realm that a peer can use later on during its lifetime. I find it useful when peers are roaming in different networks, for example, in the use case that I sent in a previous email. However, reading the specification it is not clear to me when a device should start using the Realm assigned by the server. Should I use it already during Waiting Exchange? Or only after the device has been successfully authenticated in the Completion Exchange? Regards, Eduardo Inglés. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
