EAP Extensions for EAP Re-authentication Protocol (ERP)
Note: This ballot was opened for revision 14 and is now closed.
(Tim Polk) Yes
(Jari Arkko) (was Discuss) No Objection
The document says: Our analysis indicates that some EAP implementations are not RFC 3748 compliant in that instead of silently dropping EAP packets with code values higher than 4, they may consider it an error. Please consider adding "This may lead into problems such as ERP cabable and legacy EAP nodes being unable to complete basic EAP protocol and therefore be unable to provide network access." (Just to be very explicit about this.)
(Ron Bonica) No Objection
(Ross Callon) No Objection
(Lars Eggert) No Objection
(Pasi Eronen) No Objection
(Sam Hartman) (was Discuss) No Objection
(Russ Housley) No Objection
Comment (2008-02-20 for -)
Please remove phrases like "future versions of this draft." If you really think this document is ready for publication as an RFC, then phrases like this should not appear.
(Chris Newman) No Objection
Comment (2008-02-21 for -)
The phrasing here: "HMAC-SHA256-128 is mandatory to support." is a bit vague. Interoperability might be improved by saying, for example: HMAC-SHA256-128 is mandatory to implement and should be enabled in the default configuration.