The RFC type requested is Standards Track. The type of RFC is indicated on the
page header. This document updates RFC 5247 and describes how session-Ids are
derived during fast resumption for EAP-SIM, EAP-AKA, and PEAP. This information
was missing in RFC 5247. Hence the requested RFC type is correct.
Technical Summary: RFC 5247 specifies the EAP key hierarchy and prescribes
parameters/keys that EAP authentication methods must export. For EAP
authentication methods such as EAP-SIM and EAP-AKA that were published prior to
RFC 5247, it defines the exported parameters in Appendix A. Appendix A of RFC
5247 however did not specify the Session-Id parameter to be exported during
fast resumption. This document defines the Session-Id to be exported during
fast resumption for EAP-SIM, EAP-AKA, and PEAP.
Working Group Summary: The draft has been reviewed by John Mattsson, Mohit
Sethi, and Jouni Malinen. Session-Ids during fast resumption for EAP-SIM and
EAP-AKA has been implemented in at least one open source tool by Mohit Sethi.
Document Quality: The document itself is very short and ready. There are minor
nits. For example, lines are wrapped at random places. The shepherd recommends
that the author or the RFC editor fixes them before final publication (by using
xml2rfc etc.). All instances of Session-Id should have the 'd' without
capitalization. Reference to draft-arkko-eap-rfc5448bis-06.txt needs to be
updated.
The document shepherd is Mohit Sethi. The Area Director is Roman Danyliw.
The author has confirmed that he is not aware of any IPR on this draft.
The WG considers that the problem addressed in the document is relevant. No
one has threatened any appeal or indicated extreme discontent. No nits (other
than those noted above) were found by the document shepherd. No other
automated checks were performed by the document shepherd.
All normative references are to published IETF and IEEE standards. No downward
normative references exist. The publication of this document will update RFC
5247. The categorization of informative and normative references seems to be
correct. Note that this draft does not reference or update EAP-SIM, EAP-AKA,
and PEAP. This is keeping in line with how RFC 5247 handled the key management
update for previously specified EAP authentication methods.
No new IANA registries are created and no changes to existing registries is
requested.