Thanks Alan and Heikki,

We’ll update the last sentence based on your recommendations.

Thanks,

Bart

From: Heikki Vatiainen <h...@radiatorsoftware.com>
Date: Friday, 25 July 2025 at 12:59
To: EMU WG <emu@ietf.org>
Subject: [Emu] Re: Comments on draft-ietf-emu-eap-ppt-00
On Wed, 23 Jul 2025 at 11:16, Alan DeKok 
<alan.dekok=40inkbridge...@dmarc.ietf.org> wrote:
  This is a minor comment.

Section 6.1:

A peer supporting EAP-PPT MUST NOT send its username or any other permanent 
identifiers in the first and subsequent EAP-Response/Identity messages. The 
EAP-Response/Identity message MUST contain only realm portion in order to route 
the authentication request to the right EAP server. It is RECOMMENDED to 
eliminate the identity exchange altogether if the route is known through some 
other means.

  This text could be confusing.  Plus, I'm not sure that it's possible to 
eliminate the identity exchange.  I would suspect that empty identities could 
also have interoperability problems.

I'd also keep the identity exchange. In many cases it's required; for example, 
in wired and wireless networks the 802.1X authenticator requires it. When it's 
really not needed, such as IKEv2 [1], those cases can give further advice on 
when and how to drop the initial Identity-Request/Response exchange.

[1] https://datatracker.ietf.org/doc/html/rfc7296#section-3.16

EAP-TLS uses the word "typically" when it talks about the identity exchange 
being used when EAP-TLS starts.
https://datatracker.ietf.org/doc/html/rfc5216#section-2.1

Easiest update in the draft could be just to drop the sentence with 
'RECOMMENDED' altogether, or use a lower case weasel word if something needs to 
be said. Using an uppercase RFC 2119 key word looks a bit too strong in my 
opinion. That may cause a developer to come up with an option toggle etc. that 
is unnecessary just to satisfy RECOMMENDED.

--
Heikki Vatiainen
h...@radiatorsoftware.com