This is a minor comment. Section 6.1:
A peer supporting EAP-PPT MUST NOT send its username or any other permanent identifiers in the first and subsequent EAP-Response/Identity messages. The EAP-Response/Identity message MUST contain only realm portion in order to route the authentication request to the right EAP server. It is RECOMMENDED to eliminate the identity exchange altogether if the route is known through some other means. This text could be confusing. Plus, I'm not sure that it's possible to eliminate the identity exchange. I would suspect that empty identities could also have interoperability problems. The text could perhaps just say that the Identifier MUST be a realm-only NAI, e.g. @example.com Alan DeKok. _______________________________________________ Emu mailing list -- emu@ietf.org To unsubscribe send an email to emu-le...@ietf.org
