How about adding the following text at the bottom of 2.1.2: "Implementations that do not use this algorithm are often restricted to having an EAP Identifier space per NAS, or perhaps one that is global to the implementation. These restrictions are unnecessary when the above algorithm is used, which gives each session a unique EAP Identifier space. The above algorithm SHOULD be used to track EAP sessions in preference to any other method.
This looks good.
Should we talk about EAP duplicate detection in a RADIUS document? Or just say something about RADIUS as a transport protocol?
I agree that the proposed text is awkward. I'd rather focus solely on duplicate detection within RADIUS.
The question in my mind was whether the algorithm in Section 2.1.2 also enabled RADIUS duplicate detection to take place on a per-session rather than a per-NAS basis. That was the tradeoff that Jouni was referring to in his message.
-- to unsubscribe send a message to radiusext-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/radiusext/>