[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RADIUS User-Name versus EAP Identity
> -----Original Message-----
> From: owner-radiusext@ops.ietf.org
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Alan DeKok
> Sent: Friday, October 17, 2008 10:43 PM
> To: Bernard Aboba
> Cc: radiusext@ops.ietf.org
> Subject: Re: RADIUS User-Name versus EAP Identity
>
> Bernard Aboba wrote:
> > [BA] Yes, in most cases the implementation should use the RADIUS
> > User-Name Attribute instead. There might be a few cases
> where the EAP
> > method calculations depend on the EAP-Response/Identity (RFC
> > 3748-defined methods such as EAP-MD5). Are you seeing
> problems only
> > with those methods, or with other ones as well?
>
> The problems are across all EAP methods.
>
[Joe]This is strange, many EAP methods do not rely upon the
EAP-Response/Identity. What are the problems you are seeing?
> > BTW, RFC 5113 Section 2.3 does talk a bit about this issue:
> ...
> > Over the long term, it is expected that the need for NAI
> "decoration"
> > and source routing will disappear
>
> The solution that has been proposed in vendor forums
> removes the need for source routing. Even if we ignore the
> User-Name versus EAP-Identity issues (which exist), the
> manual updates of routes in RADIUS proxy infrastructures is
> becoming prohibitive.
>
> Alan DeKok.
>
> --
> to unsubscribe send a message to
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>