Re: [Emu] [saag] Fwd: New Version Notification for draft-aura-eap-noob-00.txt

Mohit Sethi <mohit.m.sethi@ericsson.com> Mon, 29 February 2016 17:08 UTC

Hi Stefan

It is hard to have an exact number on how many "home" access points / 
integrated all-layer-devices do or do not support 802.1X. In many cases, 
support can be added to the APs with a software update if there is 
demand. We believe that given the benefits of this solution and the 
added security, the deployment of such NAS would increase in general.

/--Mohit

PS: Let's keep the future discussion for this draft on the SAAG mailing 
list for now.

On 02/19/2016 09:31 AM, Stefan Winter wrote:
> Hi,
>
>> Of course, the benefits of EAP-NOOB will be greater in organizations which already use 802.1X authentication and which have larger numbers of IoT devices than a single home.
> Particularly because many "home" access points / integrated
> all-layer-devices do not support 802.1X so do not qualify as a NAS.
>
> Which is unfortunate and yes it would be great to have 802.1X NASes
> everywhere. :-) But for your scenario, it's a significant limitation if
> you exclude a large percentage of homes.
>
> (I don't dare make up any real percentage numbers; I'm sure this varies
> a lot per country and per operator)
>
> Greetings,
>
> Stefan Winter
>
>
>> Anything else that we need to address?
>>
>> Tuomas
>>
>>
>>
>> -----Original Message-----
>> From: Josh Howlett [mailto:Josh.Howlett@jisc.ac.uk]
>> Sent: Thursday, 18 February, 2016 19:28
>> To: Mohit Sethi <mohit.m.sethi@ericsson.com>; saag@ietf.org; emu@ietf.org
>> Cc: Aura Tuomas <tuomas.aura@aalto.fi>
>> Subject: RE: [saag] Fwd: New Version Notification for draft-aura-eap-noob-00.txt
>>
>> Hi Mohit,
>>
>> This is an interesting draft, but I'm struggling to understand how this would be deployed in the consumer settings that the document alludes to. For example, who do you anticipate will be operating the NAS (the consumer?), AAA server (the vendor?), and the AAA fabric between these actors?
>>
>> Josh.
>>
>>> -----Original Message-----
>>> From: saag [mailto:saag-bounces@ietf.org] On Behalf Of Mohit Sethi
>>> Sent: 08 February 2016 15:34
>>> To: saag@ietf.org; emu@ietf.org
>>> Cc: tuomas.aura@aalto.fi
>>> Subject: [saag] Fwd: New Version Notification for
>>> draft-aura-eap-noob-00.txt
>>>
>>> Dear all
>>>
>>> We have just submitted a new IETF Draft titled “Nimble out-of-band
>>> authentication for EAP (EAP-NOOB)”.
>>>
>>> The draft defines an EAP method where the authentication is based on a
>>> user-assisted out-of-band (OOB) channel between the server and peer.
>>> It is intended as a generic bootstrapping solution for
>>> Internet-of-Things devices which have no pre-configured authentication
>>> credentials and which are not yet registered on the authentication
>>> server. Consider devices you just bought or borrowed.
>>>
>>> The EAP-NOOB method is more generic than most ad-hoc bootstrapping
>>> solutions in that it supports many types of OOB channels. We specify
>>> the exact in-band messages but only the OOB message contents and not
>>> the OOB channel details. Also, EAP-NOOB supports ubicomp devices with
>>> only output (e.g. display) or only input (e.g. camera). Moreover, it
>>> makes combined use of both secrecy and integrity of the OOB channel
>>> for more robust security than the ad-hoc solutions. We have put a lot
>>> of effort into designing a robust security protocol.
>>>
>>> For one application example, we have used an earlier version of the
>>> protocol for bootstrapping security for ubiquitous displays: the user
>>> can configure wireless network access, link the device to a cloud
>>> service, and register ownership of the device for a specific cloud
>>> user – all in one simple step of scanning a QR code with a smart
>>> phone. There seemed to be more potential to this idea than just using it
>>> for our own system, and thus we decided to write a generic EAP method for out-of-band authentication.
>>>
>>> The draft is available here:
>>> https://tools.ietf.org/html/draft-aura-eap-noob-00
>>>
>>> Please see if you can make use of it. We look forward to your feedback
>>> and comments.
>>>
>>> Regards
>>> /--Mohit
>>>
>>>
>>> -------- Forwarded Message --------
>>> Subject: 	New Version Notification for draft-aura-eap-noob-00.txt
>>> Date: 	Mon, 08 Feb 2016 04:30:35 -0800
>>> From: 	internet-drafts@ietf.org
>>> To: 	Tuomas Aura <tuomas.aura@aalto.fi>, Mohit Sethi
>>> <mohit@piuha.net>
>>>
>>>
>>>
>>> A new version of I-D, draft-aura-eap-noob-00.txt has been successfully
>>> submitted by Tuomas Aura and posted to the IETF repository.
>>>
>>> Name:           draft-aura-eap-noob
>>> Revision:       00
>>> Title:          Nimble out-of-band authentication for EAP (EAP-NOOB)
>>> Document date:  2016-02-08
>>> Group:          Individual Submission
>>> Pages:          35
>>> URL:            https://www.ietf.org/internet-drafts/draft-aura-eap-noob-00.txt
>>> Status:         https://datatracker.ietf.org/doc/draft-aura-eap-noob/
>>> Htmlized:       https://tools.ietf.org/html/draft-aura-eap-noob-00
>>>
>>>
>>> Abstract:
>>>      Extensible Authentication Protocol (EAP) [RFC3748] provides support
>>>      for multiple authentication methods.  This document defines the EAP-
>>>      NOOB authentication method for nimble out-of-band (OOB)
>>>      authentication and key derivation.  This EAP method is intended for
>>>      bootstrapping all kinds of Internet-of-Things (IoT) devices that have
>>>      a minimal user interface and no pre-configured authentication
>>>      credentials.  The method makes use of a user-assisted one-directional
>>>      OOB channel between the peer device and authentication server.
>>>
>>>
>>>
>>>
>>> Please note that it may take a couple of minutes from the time of
>>> submission until the htmlized version and diff are available at tools.ietf.org.
>>>
>>> The IETF Secretariat
>>>
>>>
>>>
>>> _______________________________________________
>>> saag mailing list
>>> saag@ietf.org
>>> https://www.ietf.org/mailman/listinfo/saag
>> _______________________________________________
>> Emu mailing list
>> Emu@ietf.org
>> https://www.ietf.org/mailman/listinfo/emu