Hello,

I've just submitted an -00 on a topic that we've been struggling with in
ABFAB recently (but which exists in every EAP-over-AAA scenario, not
limited to ABFAB).

http://www.ietf.org/internet-drafts/draft-winter-radext-populating-eapidentity-00.txt

Abstract:
   There are some subtle considerations for an EAP peer regarding the
   content of the EAP-Response/Identity packet when authenticating with
   EAP to an EAP server.  This document describes two such
   considerations and suggests workarounds to the associated problems.

The issue touches multiple areas and working groups (EAP, EAP methods,
RADIUS, Diameter) so I had to do a guesstimate for a proper home. I
would think radext is the best match, cc'ing abfab and dime, and also
emu even though it's shutting down).

If you recall those in-depth discussions about fixing either EAP methods
to use UTF-8, or why EAP Identity would need to be restrained to UTF-8
even if a method doesn't do it, then yes: the draft is about that.

In ABFAB, we added a ABFAB-specific band-aid sentence to RFC7057:
"Circumstances might require that applications need to perform
conversion of identities from an application specific character set to
UTF-8 or another character set required by a particular EAP method."

Which was enough to get the document through IESG, but this should
better be fixed more generally for every EAP use case; hence this new draft.

It's short and concise - I'd appreciate if you could give it a read and
comment.

If there's still free time on the agenda, I would also merrily discuss
it in London.

Greetings,

Stefan Winter

P.S.: Don't miss my other submission about an EAP Configuration File
Format, which I've been told to submit to ops-area/opsawg:

http://datatracker.ietf.org/doc/draft-winter-opsawg-eap-metadata/

Annoucement here:
http://www.ietf.org/mail-archive/web/ops-area/current/msg01114.html

-------- Original Message --------
Subject: New Version Notification for
draft-winter-radext-populating-eapidentity-00.txt
Date: Fri, 14 Feb 2014 00:43:29 -0800
From: internet-dra...@ietf.org
To: Stefan Winter <stefan.win...@restena.lu>, "Stefan Winter"
<stefan.win...@restena.lu>


A new version of I-D, draft-winter-radext-populating-eapidentity-00.txt
has been successfully submitted by Stefan Winter and posted to the
IETF repository.

Name:           draft-winter-radext-populating-eapidentity
Revision:       00
Title:          Considerations regarding the correct use of 
EAP-Response/Identity
Document date:  2014-02-14
Group:          Individual Submission
Pages:          6
URL:
http://www.ietf.org/internet-drafts/draft-winter-radext-populating-eapidentity-00.txt
Status:
https://datatracker.ietf.org/doc/draft-winter-radext-populating-eapidentity/
Htmlized:
http://tools.ietf.org/html/draft-winter-radext-populating-eapidentity-00


Abstract:
   There are some subtle considerations for an EAP peer regarding the
   content of the EAP-Response/Identity packet when authenticating with
   EAP to an EAP server.  This document describes two such
   considerations and suggests workarounds to the associated problems.





Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat



Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu

Reply via email to