Dave Nelson wrote: >> This is the first I've heard of an "implicit authentication >> action" in this context. > > We have NULL cipher-suites, why can't we have NULL authentication methods?
Yes, but it means we are far afield of the original discussion. > My opinion is that is both "useful" *and* "inappropriate". See my recent > response to Steve Hanna's post. I think that either the EMU WG or NEA WG > needs to seek to amend the "domain of applicability" for EAP to explicitly > include transport of authorization-related data, and be done with it. That's clear enough. > That's the straightforward approach. It avoids the need to cling to > alternate definitions of well understood terms. If you need to re-charter > to gain that authority, then so be it. IMHO, this whole discussion looks > like an end-run around the "domain of applicability" restrictions for EAP. I agree it does look that way. I don't even think that's a wrong characterization of the issue. > Shall we take the high road here? At the very least, you could seek > clarification from the IESG as to whether they think that the current > "domain of applicability" for EAP embraces the "additional data" you want to > include. After all, enforcement of "applicability statements" is a very hit > or miss thing in the IETF. You may get lucky. :-) I would prefer to get WG consensus first. If the WG believes it's a good idea, the re-chartering process becomes simpler. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu