Found 1 record.
Status: Reported (1)
RFC 9190, "EAP-TLS 1.3: Using the Extensible Authentication Protocol with TLS 1.3", February 2022Source of RFC: emu (sec)
Errata ID: 7577
Publication Format(s) : TEXT
Reported By: Alan DeKok
Date Reported: 2023-07-29
Section 2.5 says:
When an EAP-TLS server has successfully processed the TLS client Finished and sent its last handshake message (Finished or a post- handshake message), it sends an encrypted TLS record with application data 0x00. The encrypted TLS record with application data 0x00 is a protected success result indication, as defined in [RFC3748] ...
It should say:
(append) If the EAP-TLS peer does not see the protected success indication, it MUST behave as if it had received an EAP Failure instead.
This is largely a nit, but it's reasonable to say this.
The existing text discussed what the server must do, But it does not say what the
peer does if the server fails to behave this way,