RFC Errata
RFC 3579, "RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP)", September 2003
Note: This RFC has been updated by RFC 5080
Source of RFC: IETF - NON WORKING GROUP
Errata ID: 6154
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Alan DeKok
Date Reported: 2020-05-01
Edited by: Eliot Lear
Date Edited: 2022-04-01
Section 2.1 says:
EAP-Start is indicated by sending an EAP-Message attribute with a length of 2 (no data).
It should say:
EAP-Start is indicated by sending an EAP-Message attribute with a length of 3. The single byte of data SHOULD be set to zero on transmission and MUST be ignored on receipt. RADIUS clients MUST NOT send EAP-Message attributes of length 2, as attributes with no value are not permitted in RADIUS. However, for historical reasons and for compatibility with existing practice, RADIUS servers MUST accept EAP-Messages of length 2, and treat them as EAP-Start.
Notes:
RFC 2865 Section 5 says that empty attributes must be omitted:
text 1-253 octets containing UTF-8 encoded 10646 [7]
characters. Text of length zero (0) MUST NOT be sent;
omit the entire attribute instead.
Section 3.1 of RFC 3579 also says that the EAP-Message attribute cannot be sent with length 2:
...
Type
79 for EAP-Message
Length
>= 3
...
In practice, few devices seem to send EAP-Message with Length 2.