At the meeting in Quebec we discussed removing attributes specific to particular media types or lower layers and including recommendations for a small number of generally useful attributes in the draft.

The attribute that seems to be most useful would be one that indicates what protocol is carrying the EAP conversation between the EAP peer and authenticator. It's not clear to me if there is an existing attribute that meets this need. It seems that there are the following contenders:

NAS-Port-Type (RFC-2865) - this attribute contains the physical type of port that is carrying the EAP conversation. It has values for things like ethernet, 802.11, 802.16, various flavors of PPPoE, etc. Since it represents a physical port it does not have values for higher layer protocols such as IKEv2 or PANA.

Tunnel-Type (RFC-2868) - this attribute is used for setting up compulsory tunnels and contains a value for IPSEC ESP tunnel. It's not clear to me if this would be suitable to indicate IKEv2.

EAP-Lower-Layer (http://tools.ietf.org/html/draft-aboba-radext-wlan-13) - this is a draft attribute designed to indicate the EAP lower layer. It contains several values to cover many of the EAP lower layers. It does cover IKEv2 and PANA. It's likely that list values need to be augmented and cleaned up.

NAS-Port-Type and Tunnel-Type seem to have limitations. My initial suggestion is the following:

- Define the EAP-Lower-Layer attribute in the document
- If the lower layer protocol does not define a specific attribute to indicate the lower layer type then EAP-Lower-Layer attributes MUST be included. Would it also be useful to include NAS-Port-Type?
- If the lower layer protocol does define a specific attribute then that attribute MUST be included and EAP-Lower-Layer MAY be included. Would it be easier just to always use EAP-Lower-Layer?

Thoughts?

Joe
