Hi Paul,

We are unable to verify this report that the submitter marked as editorial, so 
we changed the Type to “Technical”. As Stream Approver, please review and set 
the Status and Type accordingly (see the definitions at 
https://www.rfc-editor.org/errata-definitions/).

You may review the report at: 
https://www.rfc-editor.org/errata/eid7991

Information on how to verify errata reports can be found at: 
https://www.rfc-editor.org/how-to-verify/

Further information on errata can be found at: 
https://www.rfc-editor.org/errata.php

Thank you.

RFC Editor/rv



> On Jun 13, 2024, at 10:52 PM, RFC Errata System <rfc-edi...@rfc-editor.org> 
> wrote:
> 
> The following errata report has been submitted for RFC5216,
> "The EAP-TLS Authentication Protocol".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid7991
> 
> --------------------------------------
> Type: Editorial
> Reported by: E Vashist Kumar <evashi...@gmail.com>
> 
> Section: 2.1.3 page 10
> 
> Original Text
> -------------
>   Authenticating Peer     Authenticator
>   -------------------     -------------
>                           <- EAP-Request/
>                           Identity
>   EAP-Response/
>   Identity (MyID) ->
>                           <- EAP-Request/
>                           EAP-Type=EAP-TLS
>                           (TLS Start)
>   EAP-Response/
>   EAP-Type=EAP-TLS
>   (TLS client_hello)->
>                           <- EAP-Request/
>                           EAP-Type=EAP-TLS
>                           (TLS server_hello,
>                             TLS certificate,
>                    [TLS server_key_exchange,]
>               TLS certificate_request,
>                 TLS server_hello_done)
> 
>   EAP-Response/
>   EAP-Type=EAP-TLS
>   (TLS certificate,
>    TLS client_key_exchange,
>    TLS certificate_verify,
>    TLS change_cipher_spec,
>    TLS finished) ->
> 
>                           <- EAP-Request/
>                           EAP-Type=EAP-TLS
>                           (TLS change_cipher_spec,
>                           TLS finished)
>   EAP-Response/
>   EAP-Type=EAP-TLS ->
>                           <- EAP-Request
>                           EAP-Type=EAP-TLS
>                           (TLS Alert message)
>   EAP-Response/
>   EAP-Type=EAP-TLS ->
>                           <- EAP-Failure
>                           (User Disconnected)
> 
> Corrected Text
> --------------
>   Authenticating Peer     Authenticator
>   -------------------     -------------
>                           <- EAP-Request/
>                           Identity
>   EAP-Response/
>   Identity (MyID) ->
>                           <- EAP-Request/
>                           EAP-Type=EAP-TLS
>                           (TLS Start)
>   EAP-Response/
>   EAP-Type=EAP-TLS
>   (TLS client_hello)->
>                           <- EAP-Request/
>                           EAP-Type=EAP-TLS
>                           (TLS server_hello,
>                             TLS certificate,
>                    [TLS server_key_exchange,]
>               TLS certificate_request,
>                 TLS server_hello_done)
> 
>   EAP-Response/
>   EAP-Type=EAP-TLS
>   (TLS certificate,
>    TLS client_key_exchange,
>    TLS certificate_verify,
>    TLS change_cipher_spec,
>    TLS finished) ->
> 
>                           <- EAP-Request
>                           EAP-Type=EAP-TLS
>                           (TLS Alert message)
>   EAP-Response/
>   EAP-Type=EAP-TLS ->
>                           <- EAP-Failure
>                           (User Disconnected)
> 
> Notes
> -----
> The message which has to be sent after the server fails to authenticate the peer 
> is the TLS alert message. The TLS change cipher spec and the TLS finished cannot 
> be sent from the server side if the server fails to authenticate the peer. 
> Instead, the server has to send the TLS alert message after the peer sends change 
> cipher spec.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". (If it is spam, it 
> will be removed shortly by the RFC Production Center.) Please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> will log in to change the status and edit the report, if necessary.
> 
> --------------------------------------
> RFC5216 (draft-simon-emu-rfc2716bis-13)
> --------------------------------------
> Title               : The EAP-TLS Authentication Protocol
> Publication Date    : March 2008
> Author(s)           : D. Simon, B. Aboba, R. Hurst
> Category            : PROPOSED STANDARD
> Source              : EAP Method Update
> Stream              : IETF
> Verifying Party     : IESG
> 

_______________________________________________
Emu mailing list -- emu@ietf.org
To unsubscribe send an email to emu-le...@ietf.org