[Emu] Re: Review of draft-ietf-emu-eap-edhoc-01

2024-10-04 Thread Dan Garcia Carrillo
Hi Marco, Thank you very much for the review. Please, see comments inline. Best regards. On 26/9/24 at 13:51, Marco Tiloca wrote: Hi all, Please see below some comments about this document. Hope it helps! Best, /Marco --- [General] * The title can incl

[Emu] draft-ietf-emu-eap-arpa-02 comments

2024-10-04 Thread Heikki Vatiainen
Sections '3.4.1. EAP Supplicants' and '3.4.2. EAP Peers' +++ The section title uses the term 'supplicant' which is not used much by the EAP RFC 3748. To quote RFC 3748: peer The end of the link that responds to the authenticator. In [IEEE-802.1X], thi

[Emu] Re: draft-ietf-emu-bootstrapped-tls-06 notes

2024-10-04 Thread Heikki Vatiainen
On Tue, 1 Oct 2024 at 16:26, Alan DeKok wrote: > Perhaps: > > # EAP Peers > > An EAP session begins with the peer receiving an initial > EAP-Request/Identity message. An EAP peer supporting this > specification MUST examine the identity to see if it uses the eap.arpa > realm. If not, the EA

[Emu] Re: draft-ietf-emu-bootstrapped-tls-06 notes

2024-10-04 Thread Alan DeKok
On Oct 4, 2024, at 4:19 PM, Michael Richardson wrote: > Can you give me an example of foo@ vs bar@ which would both be under > eap.arpa? Different provisioning methods which use the same underlying EAP method. > The I-D mentioned in the subject line is bootstrapped-tls, and it uses > tls-pok-

[Emu] Re: draft-ietf-emu-eap-arpa-02 comments

2024-10-04 Thread Alan DeKok
On Oct 4, 2024, at 12:46 PM, Heikki Vatiainen wrote: > For me it seems section 3.4.1 title should be 'EAP Peers' and section 3.4.2 > 'EAP Servers'. This would also require carefully updating some instances of > 'peer' to 'server' and all mentions of 'supplicant' to 'peer'. I don't think > there

[Emu] Re: draft-ietf-emu-eap-arpa-02 comments

2024-10-04 Thread Heikki Vatiainen
On Fri, 4 Oct 2024 at 20:30, Alan DeKok wrote: > On Oct 4, 2024, at 12:46 PM, Heikki Vatiainen > wrote: > > > That is, switching to a non-provisioning fully credentialed > authentication with a NAK shouldn't be done when the initial > EAP-Response/Identity contains an eap.arpa domain. Also, wh

[Emu] Re: draft-ietf-emu-bootstrapped-tls-06 notes

2024-10-04 Thread Michael Richardson
Alan DeKok wrote: > However, the situation is more difficult if the EAP supplicant signals > an NAI for an EAP method which is supported by the peer, but which > contains a provisioning method which the peer does not support. The > normal EAP NAK signalling allows selection only

[Emu] Re: draft-ietf-emu-eap-arpa-02 comments

2024-10-04 Thread Alan DeKok
On Oct 4, 2024, at 3:18 PM, Heikki Vatiainen wrote: > I was thinking something like this: > - EAP client has credentials for EAP methodX that are about to expire; > provisioning is required > - The client attempts provisioning with EAP identity ending with > methodX.eap.arpa > - The server for some

[Emu] Re: Review of draft-ietf-emu-eap-edhoc-01

2024-10-04 Thread Marco Tiloca
Hello Dan, Thanks for considering my comments. Please see inline below, where I have kept only the remaining open point about message correlation. Best, /Marco On 2024-10-04 10:18, Dan Garcia Carrillo wrote: