Re: [Emu] More TEAP issues

Eliot Lear <lear@lear.ch> Wed, 30 November 2022 06:24 UTC

To: Joseph Salowey <joe@salowey.net>, Alan DeKok <aland@deployingradius.com>
Cc: EMU WG <emu@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/5djUWNtDTRlz9NY_XTT_XiasHrE>

I'd support a revision as well.  See below:

On 30.11.22 02:14, Joseph Salowey wrote:
> [Joe] speaking as a participant, I'd be happy to assist with a 
> revision.  I think it is needed.  Most of the current errata are 
> tracked here - https://github.com/emu-wg/teap-errata/pulls. I think 
> the target would be to obsolete 7170 with a revision that just fixes 
> the errata and makes any needed clarifications.  We can also work on 
> posting the Errata, but the revised document would be more effective 
> at getting these issues fixed.

I'd also like to take some time to consider what additional TLVs may be 
required.  Right now there is an incongruence between TEAP and other 
protocols that sign certs in that there is no CSR attributes TLV.  There 
may be several others to consider.

Eliot