So, I was wondering what's up with the EAP applicability draft and why we've not made more progress. I'm kind of glad I didn't ask the question but instead went back to my notes, because I discovered that I dropped the ball. I already put forward some text on retransmission; Jim and Yoshi provided edits and they were happy with that. I don't think Alper was happy with the result; the chairs and editors of EAP applicability will need to resolve who is in the rough there.
However, I also promised text on re-authentication.

Proposed text:

EAP lower layers MAY provide a mechanism for re-authentication to happen within an existing session [RFC 3748]. Diameter standardizes a mechanism for an AAA server to request re-authentication [RFC 4005]. Re-authentication permits security associations to be updated without establishing a new session. For network access, this can be important because interrupting network access can disrupt connections and media.

Some applications might not need re-authentication support. For example, if sessions are relatively short-lived or if sessions can be replaced without significant disruption, re-authentication might not provide value. Protocols like Hypertext Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP) are examples of protocols where establishing a new connection to update security associations is likely to be sufficient. Re-authentication is likely to be valuable if sessions or connections are long-lived or if there is a significant cost to disrupting them.

Another factor may make re-authentication important. Some protocols only permit one side of a connection (for example, the client) to establish a new connection. If another party in the protocol MAY need the security association refreshed, then re-authentication can provide a mechanism to do so. Lower layers SHOULD describe whether re-authentication is provided and which parties can initiate it.
