On Nov 11, 2019, at 12:27 PM, Owen Friel (ofriel) <ofr...@cisco.com> wrote:
> [ofriel] On reading RFC 7542 again, I certainly agree with the sentiment that 
> the NAI is recommended for EAP identity, but I don't see that actually being 
> explicitly definitively stated anywhere in the document.

  The document recommend using NAI everywhere.  Unfortunately it couldn't 
update EAP.

>>  It is absolutely not mentioned anywhere.  For the simple reason that EAP
>> provides for method negotiation.  We don't need to overload the Identity 
>> field.
> [ofriel] then why does https://tools.ietf.org/html/rfc3748#section-5.1 
> explicitly state " It is RECOMMENDED that the Identity Response be used 
> primarily for routing purposes and selecting which EAP method to use."
> It explicitly states: "selecting which EAP method to use "

   See the 3G specs, or Section 4 of RFC 7542

   For instance, some EAP methods apply
   method-specific pseudonyms in the username part of the NAI [RFC3748].

> Should there be an errata for RFC 3748 to remove the last few words from that 
> sentence: "and selecting which EAP method to use"?

  I don't think so.

> And the "EAP provides for method negotiation" is via Nak messages, Ok, then 
> my confusion was on the EAP method selection statement in section 5.1.

  EAP is unfortunately complex.

  Alan DeKok.

Emu mailing list

Reply via email to