RFC Errata
RFC 4187, "Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)", January 2006
Note: This RFC has been updated by RFC 5448, RFC 9048
Source of RFC: IETF - NON WORKING GROUPArea Assignment: int
Errata ID: 3968
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Huanggj
Date Reported: 2014-04-19
Held for Document Update by: Brian Haberman
Date Held: 2014-06-05
Section 9.3 says:
When processing this message, the peer MUST process AT_RAND and AT_AUTN before processing other attributes. Only if these attributes are verified to be valid, the peer derives keys and verifies AT_MAC. The operation in case an error occurs is specified in Section 6.3.1.
Notes:
The words "these attributes" in sentence "Only if these attributes are verified to be valid, the peer derives keys and verifies AT_MAC." is obscured. It's not clear which attributes are indicated. "AT_RAND and AT_AUTN" or "other attributes"?