The following errata report has been submitted for RFC5216, "The EAP-TLS Authentication Protocol".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7991 -------------------------------------- Type: Editorial Reported by: E Vashist Kumar <evashi...@gmail.com> Section: 2.1.3 page 10 Original Text ------------- Authenticating Peer Authenticator ------------------- ------------- <- EAP-Request/ Identity EAP-Response/ Identity (MyID) -> <- EAP-Request/ EAP-Type=EAP-TLS (TLS Start) EAP-Response/ EAP-Type=EAP-TLS (TLS client_hello)-> <- EAP-Request/ EAP-Type=EAP-TLS (TLS server_hello, TLS certificate, [TLS server_key_exchange,] TLS certificate_request, TLS server_hello_done) EAP-Response/ EAP-Type=EAP-TLS (TLS certificate, TLS client_key_exchange, TLS certificate_verify, TLS change_cipher_spec, TLS finished) -> <- EAP-Request/ EAP-Type=EAP-TLS (TLS change_cipher_spec, TLS finished) EAP-Response/ EAP-Type=EAP-TLS -> <- EAP-Request EAP-Type=EAP-TLS (TLS Alert message) EAP-Response/ EAP-Type=EAP-TLS -> <- EAP-Failure (User Disconnected) Corrected Text -------------- Authenticating Peer Authenticator ------------------- ------------- <- EAP-Request/ Identity EAP-Response/ Identity (MyID) -> <- EAP-Request/ EAP-Type=EAP-TLS (TLS Start) EAP-Response/ EAP-Type=EAP-TLS (TLS client_hello)-> <- EAP-Request/ EAP-Type=EAP-TLS (TLS server_hello, TLS certificate, [TLS server_key_exchange,] TLS certificate_request, TLS server_hello_done) EAP-Response/ EAP-Type=EAP-TLS (TLS certificate, TLS client_key_exchange, TLS certificate_verify, TLS change_cipher_spec, TLS finished) -> <- EAP-Request EAP-Type=EAP-TLS (TLS Alert message) EAP-Response/ EAP-Type=EAP-TLS -> <- EAP-Failure (User Disconnected) Notes ----- The message which has to be sent after server fails to authenticate the peer is ,TLS alert message, The TLS change cipher spec and the TLS finished cannot be sent from the server side if the server fails to authenticate the peer. Instead the server has to send TLS alert message after the peer sends change cipher spec. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC5216 (draft-simon-emu-rfc2716bis-13) -------------------------------------- Title : The EAP-TLS Authentication Protocol Publication Date : March 2008 Author(s) : D. Simon, B. Aboba, R. Hurst Category : PROPOSED STANDARD Source : EAP Method Update Stream : IETF Verifying Party : IESG _______________________________________________ Emu mailing list -- emu@ietf.org To unsubscribe send an email to emu-le...@ietf.org
