Shepherd writeup
draft-ietf-emu-eap-session-id-02

The RFC type requested is Standards Track. The type of RFC is indicated on the page header. This document updates RFC 5247 and describes how session-Ids are derived during fast resumption for EAP-SIM, EAP-AKA, and PEAP. This information was missing in RFC 5247. Hence the requested RFC type is correct.

Technical Summary: RFC 5247 specifies the EAP key hierarchy and prescribes parameters/keys that EAP authentication methods must export. For EAP authentication methods such as EAP-SIM and EAP-AKA that were published prior to RFC 5247, it defines the exported parameters in Appendix A. Appendix A of RFC 5247 however did not specify the Session-Id parameter to be exported during fast resumption. This document defines the Session-Id to be exported during fast resumption for EAP-SIM, EAP-AKA, and PEAP.

Working Group Summary: The draft has been reviewed by John Mattsson,  Mohit Sethi, and Jouni Malinen. Session-Ids during fast resumption for EAP-SIM and EAP-AKA has been implemented in at least one open source tool by Mohit Sethi.  

Document Quality:  The document itself is very short and ready. There are minor nits. For example, lines are wrapped at random places. The shepherd recommends that the author or the RFC editor fixes them before final publication (by using xml2rfc etc.). All instances of Session-Id should have the 'd' without capitalization. Reference to draft-arkko-eap-rfc5448bis-06.txt needs to be updated.

The document shepherd is Mohit Sethi. The Area Director is Roman Danyliw.

The author has confirmed that he is not aware of any IPR on this draft. 

The WG considers that the problem addressed in the document is relevant.  No one has threatened any appeal or indicated extreme discontent. No nits (other than those noted above) were found by the document shepherd.  No other automated checks were performed by the document shepherd. 

All normative references are to published IETF and IEEE standards. No downward normative references exist. The publication of this document will update RFC 5247. The categorization of informative and normative references seems to be correct. Note that this draft does not reference or update EAP-SIM, EAP-AKA, and PEAP. This is keeping in line with how RFC 5247 handled the key management update for previously specified EAP authentication methods. 

No new IANA registries are created and no changes to existing registries is requested.
Back