Re: [Emu] draft-aura-eap-noob-08 NAI

Eliot Lear <lear@cisco.com> Fri, 24 April 2020 13:22 UTC

From: Eliot Lear <lear@cisco.com>
In-Reply-To: <2ed6d505-3e43-5524-7979-54bf2e6f70a0@ericsson.com>
Date: Fri, 24 Apr 2020 15:22:48 +0200
Cc: Max Crone <max@maxcrone.org>, EMU WG <emu@ietf.org>
Message-Id: <E5F4446E-DB8C-4C0B-BD44-33F7CE77B3AA@cisco.com>
References: <3c0676c8-0810-4f70-4eb5-5d92abc35422@maxcrone.org> <2ed6d505-3e43-5524-7979-54bf2e6f70a0@ericsson.com>
To: Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/-dFlKdJ-niNbw6CkfeE8PO3Suqc>
Subject: Re: [Emu] draft-aura-eap-noob-08 NAI

Hi Mohit

> On 24 Apr 2020, at 15:02, Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hi Max,
> 
> Tuomas can give you a definite answer. My understanding is that error 
> 1001 should be sent by the server if the received identity does not 
> follow the requirements of draft-aura-eap-noob. Besides, implementing 
> the stricter checks of this draft is easier than validating the ABNF of 
> RFC7542 (after which you would anyways need to verify compliance with 
> this draft).
> 
> And you are right. The absence of server-assigned realm in Figure 2 is 
> probably an editorial oversight. However, I wouldn't call the optional 
> server assigned realm as RESERVED_DOMAIN. If anything, I would call 
> eap-noob.net as a reserved/special use domain.

There are all manner of reasons not to use eap-noob.net.  I think we talked to the IAB about this at some point and they were comfortable with something in .ARPA, but we’d need to reconfirm.  This is a small matter that should be cleared up with a few email exchanges.

Eliot