I think it might be a good idea to specify that the close_notify is always sent when the TLS channel is closed. I was thinking that if we really wanted a content on the EAP Response, then it be reasonable to have the client respond with a close_notify as well.
-----Original Message----- From: Alan DeKok <al...@deployingradius.com> Sent: Tuesday, August 4, 2020 10:16 AM To: Jorge Vergara <jover...@microsoft.com> Cc: Jim Schaad <i...@augustcellars.com>; Mohit Sethi M <mohit.m.se...@ericsson.com>; EMU WG <emu@ietf.org>; Benjamin Kaduk <ka...@mit.edu> Subject: Re: [Emu] Commitment Message handling in EAP-TLS 1.3 On Aug 3, 2020, at 2:23 PM, Jorge Vergara <jover...@microsoft.com> wrote: > > ACK that EAP-TLS does not need to keep the connection open. I agree. I'm happy to change the implementations to send "close notify". > Question: should some consideration be given to consistency with other EAP methods that do need to keep the connection open? i.e. PEAP/EAP-TTLS/TEAP When those methods send application data, they don't need to do anything else. When those methods use fast reconnect, they don't send application data. So the other EAP methods should also send "close notify" in that case. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
