RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 5296, "EAP Extensions for EAP Re-authentication Protocol (ERP)", August 2008

Note: This RFC has been obsoleted by RFC 6696

Source of RFC: hokey (sec)
See Also: RFC 5296 w/ inline errata

Errata ID: 1825
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Glen Zorn
Date Reported: 2009-08-10
Verifier Name: Tim Polk
Date Verified: 2010-07-20

Section 5.1 says:

   We identify two types of bootstrapping for ERP: explicit and implicit
   bootstrapping.  In implicit bootstrapping, the local ER server SHOULD
   include its domain name and SHOULD request the DSRK from the home AAA
   server during the initial EAP exchange, in the AAA message
   encapsulating the first EAP Response message sent by the peer.

It should say:

   We identify two types of bootstrapping for ERP: explicit and implicit
   bootstrapping.  In implicit bootstrapping, the local AAA client or agent 
   SHOULD include its domain name and SHOULD request the DSRK from the home AAA
   server in the AAA message encapsulating the first EAP Response message sent
   by the peer during the initial EAP exchange.

Notes:

The local ER server is an ERP entity, incapable of inserting anything into a AAA message; the ER server's purpose is to provide reauthentication services, not to edit AAA messages. Furthermore, the original text requires that the ER server unnecessarily insert itself in the path of EAP messages, slowing the initial authentication.

Report New Errata



Advanced Search