Rafa> Hi again: I have been thinking again about the situation
Rafa> created with sending an EAP response/id without the
Rafa> authenticator sending EAP request/id and I realized that it
Rafa> may be even worse in the authenticator side. Basically, the
Rafa> authenticator will see an EAP response message which does not
Rafa> answer to any EAP request sent.
OK. point taken.
I've been steadily leaning towards subtoken, but I think the above
argument is convincing enough to push me firmly into the subtoken camp.
Thanks for walking through this with me!
So, I formally propose that we require initiators to send an identity
subtoken either in their first token or in the response to the acceptor
name.
Can I get comments on this?
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
