RFC Errata
RFC 5216, "The EAP-TLS Authentication Protocol", March 2008
Note: This RFC has been updated by RFC 8996, RFC 9190
Source of RFC: emu (sec)
Errata ID: 2510
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Min Pae
Date Reported: 2010-09-03
Held for Document Update by: Sean Turner
Section 3.1 says:
The L bit (length included) is set to indicate the presence of the four-octet TLS Message Length field, and MUST be set for the first fragment of a fragmented TLS message or set of messages.
It should say:
The L bit (length included) is set to indicate the presence of the four-octet TLS Message Length field, and MUST be set for the first fragment of a fragmented TLS message. The L bit MAY be included in all fragments of a fragmented TLS message, but if included the TLS Length MUST represent the entire length of the TLS message.
Notes:
The lack of definition for what to do with the L bit and the TLS length field for TLS fragments other than the first fragment is leaving the door open to divergent behavior for whether the L bit and length field are included, what the length contains if they're included, and how to interpret it.