On Wed, Oct 04, 2006 at 08:12:42AM +0300, Jari Arkko wrote: > Yoshihiro Ohba wrote: > > Or are you suggesting to *always* carry EAP message in the handshake > > phase messages regardless of L-flag? > > > That's what I was asking about: can we simplify this > by having just one mode and no flag?
If you are suggesting to have only stateful mode with always carrying EAP message (and no cookie), then an attacker that intercept PSR can blindly send PSA without even parsing PSR, which is not good. If you are suggesting to have only stateless mode with always carrying cookie and EAP message, then a remaining issue would be that PAA needs to retransmit EAP Request while it has sent a cookie, which does not make sense to me. Yoshihiro Ohba > > --Jari > > > _______________________________________________ Pana mailing list [email protected] https://www1.ietf.org/mailman/listinfo/pana
