Re: [Emu] Question for draft-ietf-emu-tls-eap-types-03

Tim Cappalli <Tim.Cappalli@microsoft.com> Sat, 03 July 2021 01:16 UTC

From: Tim Cappalli <Tim.Cappalli@microsoft.com>
To: "aland@deployingradius.com" <aland@deployingradius.com>, "lear@lear.ch" <lear@lear.ch>
CC: "emu@ietf.org" <emu@ietf.org>
Date: Sat, 03 Jul 2021 01:16:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/0N2cBK2A3uFrewK5uUP3p3yXKUo>

>> The current specs define the base protocols, but leave pretty much everything else undefined.

That’s the job of a spec isn’t it? As far as I understand, deploying in the real world / best practices should go in a BCP.

tim


From: Alan DeKok <aland@deployingradius.com>
Sent: Friday, July 2, 2021 3:02 PM
To: Eliot Lear <lear@lear.ch>
Cc: EMU WG <emu@ietf.org>
Subject: Re: [Emu] Question for draft-ietf-emu-tls-eap-types-03

On Jul 1, 2021, at 10:08 AM, Eliot Lear <lear@lear.ch> wrote:
>
> On 01.07.21 15:23, Alan DeKok wrote:
>>   TEAP is one solution, but I don't think everyone is going to move to TEAP overnight.  It would be nice to have solutions for existing (and deployed) EAP methods.
>
> Perhaps I lost the plot, but what do you propose?

  Less of a proposal than trying to define some requirements.

  EAP isn't used in a vacuum.  The current specs define the base protocols, but leave pretty much everything else undefined.  This means that people deploying EAP have to invent and/or discover their own methods to deploy certificates, tie users to machines, tie machines to credentials, etc.

  It would be very nice to say "here's how EAP can be used in the real world".

  Alan DeKok.
