5 Jan
2015
5 Jan
'15
9:26 a.m.
On Jan 5, 2015, at 9:23 AM, Phil Mayers <p.mayers@imperial.ac.uk> wrote:
It would be helpful to have a reference as to why unadorned EAP messages, without a Service-Type, are harmful. Anyone know of one?
Nope. There is a “Service-Type = IEEE-802.1X”. That should be used for 802.1X. But not many vendors use it that I’ve seen. Perhaps a better solution would be to have a Service-Type dedicated to MAC authentication. Then it wouldn’t matter what authentication method was being used. Sadly, it’s too late for that. Alan DeKok.