>>>>> "Alper" == Alper Yegin <[email protected]> writes:
Alper> When retransmission is exclusively handled by the client-side
Alper> EAP lower-layer, an EAP message that gets silently discarded
Alper> by the EAP method may stall the EAP lower-layer state
Alper> machine. In such a case, applications MUST handle discarded
Alper> EAP messages.
Hi.
I prefer the existing text to this new text.
The existing text is:
> In addition to retransmission behavior applications need to deal with
> discarded EAP messages. For example, whenever some EAP methods receive
> erroneous
> input, these methods discard the input rather than generating an error
> response. If the erroneous input was generated by an attacker,
> legitimate input can sometimes be received after the erroneous
> input. Applications MUST handle discarded EAP messages,
I like the existing text for several reasons. First, like Joe I think
this is not just a client controlled EAP lower layer retransmit issue.
I believe you can get stalls both in server and client. Second, I
believe that even if it is true, the way the existing text is written
will be easier for application developers to understand than the new
text.
I also like the explanation of how the discards come up because it
helps application developers understand the issue.
I don't see problems with the existing text so I am against adopting
this change.
Alper> input. Both of these options require the EAP methods to
Alper> notify the EAP and/or EAP lower-layer when an EAP message is
Alper> discarded.
This is true, but the state machine in section 4.1 of RFC 4137 provides
this interface. While that's not normative text, it seems fairly clear
that if you think about how to implement EAP you're going to need the no
response variable described in RFC 4137.
Alper> Specifications of how EAP is used for application
Alper> authentication MUST document how retransmissions are
Alper> handled. If the retransmissions are exclusively handled by
Alper> the client-side EAP lower-layer, then the specifications MUST
Alper> also document how message discards are handled.
I'm happier with that being a SHOULD than a MUST.
Also my comments about how the discard issue is described here apply as
well.
In conclusion, I do not support these changes and prefer the existing
text.
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
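
The discard case discussed in this thread, as an added example that is not part of the original message or of RFC 4137: a simplified model in which a method silently discards a request with a bad MAC and a legitimate request follows it. The flag names are modelled on RFC 4137's eapReq/eapResp/eapNoResp; `ToyPeer`, `run_lower_layer`, the key and the packets are hypothetical and constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample key, not from any spec

def tag(payload: bytes) -> bytes:
    """8-byte truncated HMAC used by the toy method to authenticate requests."""
    return hmac.new(KEY, payload, hashlib.sha256).digest()[:8]

class ToyPeer:
    """Toy peer whose single method discards erroneous input without an error reply."""
    def __init__(self):
        self.eap_req = self.eap_resp = self.eap_no_resp = False
        self.resp_data = None

    def step(self, req_data: bytes) -> None:
        payload, mac = req_data[:-8], req_data[-8:]
        self.eap_req = False
        if not hmac.compare_digest(mac, tag(payload)):
            self.eap_no_resp = True  # request processed, nothing to send
            return
        self.resp_data = b"resp:" + payload
        self.eap_resp = True

def run_lower_layer(packets, honor_no_resp: bool):
    """Feed packets to the peer; return (responses sent, discards seen, outcome)."""
    peer, sent, discarded = ToyPeer(), [], 0
    for pkt in packets:
        peer.eap_req = True
        peer.step(pkt)
        if peer.eap_resp:
            peer.eap_resp = False
            sent.append(peer.resp_data)
        elif peer.eap_no_resp and honor_no_resp:
            peer.eap_no_resp = False
            discarded += 1  # discard noted; keep listening for the next input
        else:
            # Models a lower layer that only ever waits for a response.
            return sent, discarded, "stalled"
    return sent, discarded, "done"

# Constructed input: an erroneous message arrives before the legitimate one.
FORGED = b"id1" + b"\x00" * 8
LEGIT = b"id1" + tag(b"id1")
PACKETS = [FORGED, LEGIT]

if __name__ == "__main__":
    print(run_lower_layer(PACKETS, honor_no_resp=True))
    print(run_lower_layer(PACKETS, honor_no_resp=False))
```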