Some of the things that need to be fixed are fairly fundamental. For example crypto-binding and avoiding multiple layers of negotiation are fairly fundamental. At this point I'm not sure that modifying TLVs is the best way to achieve this. It needs to be investigated.
Joe > -----Original Message----- > From: Bernard Aboba [mailto:[EMAIL PROTECTED] > Sent: Monday, April 02, 2007 3:46 PM > To: [email protected] > Subject: RE: [Emu] Thoughts on Password-based EAP Methods > > >I'm not sure that adding yet another version to TTLS > specifically for > >supporting passwords will make things better for customers. > Multiple > >versions certainly has caused quite a confusion in PEAP. > > I would agree that "versioning" is not a good idea. However, > as I understand it, EAP-TTLSv0 is the only deployed version > of TTLS; v1 has never > been implemented. So currently there is no versioning issue > with TTLS, and > if possible, it would be best if the IETF would not create > such a problem. > > It is not clear to me that EAP-TTLS needs "versioning" in > order to enable addition of new features in a backwards > compatible way, since it already supports a TLV-based > extension mechanism. > > > > _______________________________________________ > Emu mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/emu > _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
