At first glance it looks to me like this is an issue. I'm going to add this as an agenda item for Prague.
Joe On Mar 14, 2011, at 8:11 PM, Bernard Aboba wrote: > Since the EAP Session-Id is utilized in EAP lower layers such as IEEE > 802.1X-2010, the interoperability of an EAP method implementations can be > affected by the definition of the Session-Id. One important requirement for > the Session-Id is that it be unique for each EAP session. That is, a fast > reauthentication should produce a new Session-Id. Recently, some questions > have arisen about the Session-Id specified in EAP SIM, AKA and AKA'. > > As per RFC 5247, the Session-Id is (0x12 | RAND | NONCE_MT) in EAP SIM. > However, when fast re-authentication happens these attributes are not > exchanged. There is another unique attribute NONCE_S sent from server to > client. So the question has arisen as to whether the Session-Id should it be > (0x12 | NONCE_S) when fast re-authentication happens. The same question > arises in EAP AKA/AKA' as well. > _______________________________________________ > Emu mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
