Since the EAP Session-Id is utilized in EAP lower layers such as IEEE
802.1X-2010, the interoperability of an EAP method implementations can be
affected by the definition of the Session-Id. One important requirement for
the Session-Id is that it be unique for each EAP session. That is, a fast
reauthentication should produce a new Session-Id. Recently, some questions
have arisen about the Session-Id specified in EAP SIM, AKA and AKA'.
As per RFC 5247, the Session-Id is (0x12 | RAND | NONCE_MT) in EAP SIM.
However, when fast re-authentication happens these attributes are not
exchanged. There is another unique attribute NONCE_S sent from server to
client. So the question has arisen as to whether the Session-Id should it be
(0x12 | NONCE_S) when fast re-authentication happens. The same question arises
in EAP AKA/AKA' as well.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
