So, I noticed that we don't specify the character set of the GSS-EAP name. Well, that's sort of easy. We can say UTF-8. Which of course raises the question of "what then."
That, shall we say, is kind of a mess. Most of that mess is not our problem. However, the part that definitely is is the comparison of the acceptor name attribute provided via AAA with the attribute provided by EAP channel bindings. We want some sort of normalization insensitive comparison that has nice happy properties. In practice, of course what we'll get is octet comparison on the RADIUS server. Advice from people who have sailed this swap before? _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
