BoF Name: eapfix Duration: 1.5 hours Chair: Glen Zorn Area Directors: TBD Area Advisor: TBD [Please note: I am not sure which area (Internet (responsible for the mess) or Security (where on-going work on EAP is located)) is appropriate for this BoF; that's why I'm sending the request to the ADs of both, plus the IETF Chair.] Description ----------- The existing set of RFCs purporting to describe the Extensible Authentication Protocol (EAP) (including, but not limited to, RFC 5247, RFC 4137 and RFC 3748) are shot-through with technical errors, inconsistencies and conventional simplifications which are at best confusing and at worst misleading. Examples include the existence of such fantastic objects as "EAP servers" and "EAP-based keys", the most egregrious being the inclusion of AAA messaging in the state machines described in RFC 4137. The necessesity of revision of these documents is not in question; the purpose of the BoF is to discover whether there is interest among the IETF membership in undertaking the task as a group or if it should be accomplished using the RFC Errata process. Agenda ------ Preliminaries (10 minutes) Blue Sheets Note Takers Jabber Scribe Agenda bashing Document Status Problems with RFC 3748 (20 minutes) Problems with RFC 4137 (20 minutes) Problems with RFC 5247 (20 minutes) Discussion & Wrap-up (20 minutes)