RFC Errata
RFC 3579, "RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP)", September 2003
Note: This RFC has been updated by RFC 5080
Source of RFC: IETF - NON WORKING GROUP
Errata ID: 6259
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Alan DeKok
Date Reported: 2020-08-20
Edited by: Eliot Lear
Date Edited: 2022-04-01
Section 2.1 says:
Where the initial EAP-Request sent by the NAS is for an authentication Type (4 or greater), the peer MAY respond with a Nak indicating that it would prefer another authentication method that is not implemented locally.
It should say:
Where the initial EAP-Request sent by the NAS is for an authentication Type (4 or greater), the peer MAY respond with a Nak indicating that it would prefer another authentication method. In this case, the NAS should send an Access-Request encapsulating the received EAP-Response/Nak. This allows a peer to suggest another EAP method where the NAS is configured to send a default EAP type (such as MD5-Challenge) which may not be appropriate.
Notes:
Clarify what happens when a NAK is received and correct the "not" in the original text.