Skip to main content

Extensible Authentication Protocol (EAP) Session-Id Derivation for EAP Subscriber Identity Module (EAP-SIM), EAP Authentication and Key Agreement (EAP-AKA), and Protected EAP (PEAP)
RFC 8940

Yes

Roman Danyliw

No Objection

Alvaro Retana
Erik Kline
Martin Duke
(Deborah Brungard)
(Magnus Westerlund)

Note: This ballot was opened for revision 04 and is now closed.

Roman Danyliw Yes

Alvaro Retana No Objection

Erik Kline No Objection

Martin Duke No Objection

Murray Kucherawy No Objection

Comment (2020-05-29 for -04)
I suspect it would be helpful to expand EAP, EAP-SIM, EAP-AKA, PEAP, and FILS on first use.

Section 2 feels like it's phrased as an erratum.  I suggest removing the explicit citation of the existing document and just include the new text.

Robert Wilton No Objection

Comment (2020-06-08 for -04)
Like Warren, this document a long way outside of my area of expertise.

However, having said that, I found the document easy to read and follow, and believe that this represents useful work, so thank you.

Regards,
Rob

Warren Kumari No Objection

Comment (2020-06-01 for -04)
Thank you for this document — this is far outside my expertise, so I’m balloting NoObjection, because, well,  I have no objection :-)

Do please see the OpsDir comments at https://datatracker.ietf.org/doc/review-ietf-emu-eap-session-id-03-opsdir-lc-dodge-2020-05-24/ , for some useful nits...

Éric Vyncke No Objection

Comment (2020-06-08 for -04)
Alan,

Thank you for the work put into this document. The short document is easy to read and I am trusting the security AD for the security aspects.

Just wondering why there is no -03 ;-) and suggest to update errata 5011 (that is still open)

Regards

-éric

(Barry Leiba; former steering group member) No Objection

No Objection (2020-06-02 for -04)
— Section 2 —

   This section updates [RFC5247] ...
   It further
   defines Session-ID derivation for PEAP.

This section does not address PEAP; that’s done in Section 3.  I suggest removing that last sentence.

— Section 3 —

   [RFC5247] did not define Session-Id definition for Microsoft's
   Protected EAP (PEAP).  For consistency with EAP-TLS the definition
   given in [RFC5216] Section 2.3, we define it as:

Both sentences here need some fixing:

NEW
   [RFC5247] did not define Session-Id for Microsoft's
   Protected EAP (PEAP).  For consistency with the EAP-TLS definition
   given in [RFC5216] Section 2.3, we define it as:
END

(Benjamin Kaduk; former steering group member) (was Discuss) No Objection

No Objection (2020-07-27 for -05)
Thanks for all the updates!
It looks like there's one "fast re-authentication" that is split across        
a line (in Section 2.3) and thus escaped the cleanup pass.

(Deborah Brungard; former steering group member) No Objection

No Objection (for -04)

                            

(Magnus Westerlund; former steering group member) No Objection

No Objection (for -04)