Re: [Emu] Proposed resolution for TEAP errata 5765
On Fri, Oct 23, 2020 at 9:20 AM Jouni Malinen wrote:

> On Thu, Oct 22, 2020 at 05:44:33PM +0300, Oleg Pekar wrote:
> > The Authority-ID TLV is used by the client to identify the TEAP server it
> > is talking to. If the same client talks to more than one TEAP server - it
> > can keep PACs or cached data from all of them identified by
> > the Authority-ID. If we make it optional in TEAP start message but keep
> > mandatory in PAC-Info part of the PAC - TEAP servers can stop sending it
> > during TEAP start and then clients will need to fetch it from PAC, if there
> > is a PAC in the conversation. But if there's no PAC - then no way to
> > identify TEAP server.
> >
> > Maybe we should keep it mandatory?
>
> That would be in conflict with Section 4.3.1: "Outer TLVs MUST be marked
> as optional."
>
> Please note that this M flag does not define whether the attribute must
> be included in the message; it defines whether the recipient has to
> reject the message if it does not support the TLV. We can still
> require the Authority-ID TLV to be present in TEAP/Start while marking
> it optional for the receiver to understand it (M=0). And Section 3.2
> does indeed say that:
>
>    The EAP server initiates the TEAP conversation with an EAP request
>    containing a TEAP/Start packet. This packet includes a set Start (S)
>    bit, the TEAP version as specified in Section 3.1, and an authority
>    identity TLV.
>
> This is still valid with M=0 for that TLV.
>

[Joe] I agree with Jouni here. It is still valid to require the authority ID in the message, the receiver does not have to process it.

> --
> Jouni Malinen                                            PGP id EFC895FA

___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
Re: [Emu] Proposed resolution for TEAP errata 5765
On Thu, Oct 22, 2020 at 05:44:33PM +0300, Oleg Pekar wrote:
> The Authority-ID TLV is used by the client to identify the TEAP server it
> is talking to. If the same client talks to more than one TEAP server - it
> can keep PACs or cached data from all of them identified by
> the Authority-ID. If we make it optional in TEAP start message but keep
> mandatory in PAC-Info part of the PAC - TEAP servers can stop sending it
> during TEAP start and then clients will need to fetch it from PAC, if there
> is a PAC in the conversation. But if there's no PAC - then no way to
> identify TEAP server.
>
> Maybe we should keep it mandatory?

That would be in conflict with Section 4.3.1: "Outer TLVs MUST be marked
as optional."

Please note that this M flag does not define whether the attribute must
be included in the message; it defines whether the recipient has to
reject the message if it does not support the TLV. We can still
require the Authority-ID TLV to be present in TEAP/Start while marking
it optional for the receiver to understand it (M=0). And Section 3.2
does indeed say that:

   The EAP server initiates the TEAP conversation with an EAP request
   containing a TEAP/Start packet. This packet includes a set Start (S)
   bit, the TEAP version as specified in Section 3.1, and an authority
   identity TLV.

This is still valid with M=0 for that TLV.

--
Jouni Malinen                                            PGP id EFC895FA
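
The distinction drawn in the message above (whether a TLV must be present versus whether an unsupporting receiver must reject it) as a small added example; it is not part of the thread or of any TEAP implementation. It assumes the RFC 7170 TLV header layout (M bit, reserved bit, 14-bit type, 16-bit length) and Authority-ID type 1; the function names and the sample Authority-ID value are made up for illustration.

```python
import struct

AUTHORITY_ID = 1    # Authority-ID TLV type number (RFC 7170)
M_BIT = 0x8000      # top bit of the first 16 bits of a TLV header
TYPE_MASK = 0x3FFF  # low 14 bits carry the TLV type

def build_tlv(tlv_type, value, mandatory=False):
    first = (M_BIT if mandatory else 0) | (tlv_type & TYPE_MASK)
    return struct.pack("!HH", first, len(value)) + value

def parse_tlvs(buf):
    """Yield (mandatory, type, value) for each TLV in buf."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 4:
            raise ValueError("truncated TLV header")
        first, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if len(buf) - off < length:
            raise ValueError("TLV length exceeds remaining data")
        yield bool(first & M_BIT), first & TYPE_MASK, buf[off:off + length]
        off += length

def receiver_accepts(buf, supported):
    """M semantics: reject only when an unsupported TLV has M=1."""
    return not any(m and t not in supported for m, t, _ in parse_tlvs(buf))

def lint_teap_start(outer):
    """Presence and marking are separate checks on the sender's output."""
    findings, seen = [], False
    for m, t, _ in parse_tlvs(outer):
        seen = seen or t == AUTHORITY_ID
        if m:
            findings.append("outer TLV type %d has M=1 (Section 4.3.1)" % t)
    if not seen:
        findings.append("Authority-ID TLV missing (Section 3.2)")
    return findings

# Constructed sample: a made-up 4-byte Authority-ID value.
SAMPLE_ID = bytes.fromhex("0a0b0c0d")
GOOD = build_tlv(AUTHORITY_ID, SAMPLE_ID, mandatory=False)
OLD = build_tlv(AUTHORITY_ID, SAMPLE_ID, mandatory=True)  # M=1 as in Section 4.2.2

if __name__ == "__main__":
    for name, pkt in (("M=0", GOOD), ("M=1", OLD), ("absent", b"")):
        print(name, lint_teap_start(pkt), receiver_accepts(pkt, supported=set()))
```
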
Re: [Emu] Proposed resolution for TEAP errata 5765
The Authority-ID TLV is used by the client to identify the TEAP server it is talking to. If the same client talks to more than one TEAP server - it can keep PACs or cached data from all of them identified by the Authority-ID. If we make it optional in TEAP start message but keep mandatory in PAC-Info part of the PAC - TEAP servers can stop sending it during TEAP start and then clients will need to fetch it from PAC, if there is a PAC in the conversation. But if there's no PAC - then no way to identify TEAP server.

Maybe we should keep it mandatory?

On Thu, Oct 22, 2020 at 12:47 AM Joseph Salowey wrote:

> Errata 5765: https://www.rfc-editor.org/errata/eid5765
> Proposed Status: Verified
> Revision: (unmodified from original posting)
>
> Section 4.2.2 says:
>
>    M
>
>       Mandatory, set to one (1)
>
> It should say:
>
>    M
>
>       0 (Optional)
>
> Notes:
>
> Authority-ID TLV is used only as an Outer TLV (in TEAP/Start) and Section
> 4.3.1 mandates all Outer TLVs to be marked as optional ("Outer TLVs MUST be
> marked as optional"). As such, Section 4.2.2 is incorrect in claiming the
> Authority-ID TLV to use M=1.
[Emu] Proposed resolution for TEAP errata 5765
Errata 5765: https://www.rfc-editor.org/errata/eid5765
Proposed Status: Verified
Revision: (unmodified from original posting)

Section 4.2.2 says:

   M

      Mandatory, set to one (1)

It should say:

   M

      0 (Optional)

Notes:

Authority-ID TLV is used only as an Outer TLV (in TEAP/Start) and Section 4.3.1 mandates all Outer TLVs to be marked as optional ("Outer TLVs MUST be marked as optional"). As such, Section 4.2.2 is incorrect in claiming the Authority-ID TLV to use M=1.