Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
"Owen Friel (ofriel)" <ofriel@cisco.com> Thu, 19 September 2019 11:20 UTC
Return-Path: <ofriel@cisco.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A3AF120803; Thu, 19 Sep 2019 04:20:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=eeWc1Cac; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=J+8Cl9vA
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fh1itxOYiTon; Thu, 19 Sep 2019 04:20:11 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8668C1201E4; Thu, 19 Sep 2019 04:20:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=13728; q=dns/txt; s=iport; t=1568892011; x=1570101611; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=ISvssDH4BW4FLY6Omj4afIVSIybb89nOmKHNnZ3o/a4=; b=eeWc1Cac7aIWvylndmmBEPfgP1DkTaDjdP1mcu5KeQCe9z0E1YxNkogz ud/3e3dpZBm0ZYn5z3RFpSNnOmiQ3d7JhsBcsBtbsyD7jZ8SOrJXmXIpS pwR4Pe/GniSGw8ONE/A+lOxVutDH9NYt6xEOQYzz2oVXwlAS8vf6et4xe Q=;
IronPort-PHdr: 9a23:4IphnheGsuRthoDY0RxrZrlClGMj4e+mNxMJ6pchl7NFe7ii+JKnJkHE+PFxlwKYD57D5adCjOzb++D7VGoM7IzJkUhKcYcEFnpnwd4TgxRmBceEDUPhK/u/aCIgHclGfFRk5Hq8d0NSHZW2ag==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CBAAD3Y4Nd/5FdJa1cCRkBAQEBAQEBAQEBAQEHAQEBAQEBgWeBRVADbVYgBAsqhCKDRwOKfIJcl3OCUgNUCQEBAQwBARgLCgIBAYQ/AheCbCM4EwIDCQEBBAEBAQIBBQRthS0MhUoBAQEDAQEBEBERDAEBLAsBBAcEAgEIEQMBAQEBAgIUEgICAiULFQgIAgQBDQUIGoMBgWoDDg8BDqMGAoE4iGFzgTKCfQEBBYEzAQMCg1QYghcDBoEMKItrAR0YgUA/gRFGgU5+PoJVDAEBAgEXgR0EFhJNgjwygiaMYw4LglyFTZZ3bgqCIocFjh6CNpZtjhaBOoZXkQACBAIEBQIOAQEFgWkhgVhwFTuCbB8xEBSBTgkag0+BGoN6hT9zAYEojHojgjABAQ
X-IronPort-AV: E=Sophos;i="5.64,523,1559520000"; d="scan'208";a="329198525"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 19 Sep 2019 11:20:10 +0000
Received: from XCH-RCD-009.cisco.com (xch-rcd-009.cisco.com [173.37.102.19]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id x8JBK9xe029992 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 19 Sep 2019 11:20:09 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-RCD-009.cisco.com (173.37.102.19) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 19 Sep 2019 06:20:09 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 19 Sep 2019 06:20:08 -0500
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 19 Sep 2019 06:20:08 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PxnRXQu6J5G1aXg5zuFJaT04aYEP43Ouq1ET96skXr9nM6wQs1z4honEKYxE/GYnrUTMXE9SPNfroGgz2HiO5ifFvD3SK/dMSWaUhjzupS9lQ6u8+Xk3aoNt2WpNTk/eaXd9mJAG/q9H/zVJmlSvu0S/M/V4fs83YhRPEiIkqBUa0H0YDotI6M52onL3MGc5XaZxuhGTXV/sw36HfS+3Qet9iTYXkwf3zyRrPzUA8lZwWwuMMYsFGU2HcXYZTfoifk/XHvs7ABQ+4LdJF3fSSNtVe95fdbeyjNvnmhRBD0/MQHTJahRQPU+csp4WwPIcnMXYXI8MvYDbodOljo9x1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ISvssDH4BW4FLY6Omj4afIVSIybb89nOmKHNnZ3o/a4=; b=oUiK003mT6dQ7iMIjVB9CuBgZSTZuU8NuFEhfGOkn6Z1xtDwrmel2K1RVOJewPKrerIKr9EWys2et92WJaSQ89vWCjObxL/BZr/bqA9AzhDkAL9Twt4Xwm+dSc7ZcTvH6yS2bnZYaKAbTEAXPBA+f+JlzUWwAHNvAVZ7jNAVF0netqNNtJBjsWi940q85RQVRkEPehDQzHABCFqawG0QLgHw4O7n47aoE5Zr1wBEO3C4kzRQjzexCPed2Xzbnoi2hsJppI3tuIBJlQS39g9Yw999OiKUyGvJZtMhE1kNeY5fYW0RsKvnkqhzU+6VLfpsjZTHasINgzzAICkJ6kk7xw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ISvssDH4BW4FLY6Omj4afIVSIybb89nOmKHNnZ3o/a4=; b=J+8Cl9vAlqt5VLBYB7NER2mnuiE78mwRoprfEjBvfm9knuQ28H0QTrEZ18DLbsS3vpRzxtMBBL1+2ady1fDkXdmEvejs/XtTVqcd8p4iS056N/wB42ewjmfndR6Pgq0VCnJAfKsrIt/sqqb2gmsQaiKcdNM5WaqX+LUl5oRohbs=
Received: from CY4PR1101MB2278.namprd11.prod.outlook.com (10.172.76.13) by CY4PR1101MB2214.namprd11.prod.outlook.com (10.172.76.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.17; Thu, 19 Sep 2019 11:20:07 +0000
Received: from CY4PR1101MB2278.namprd11.prod.outlook.com ([fe80::686a:2f6e:32c2:5127]) by CY4PR1101MB2278.namprd11.prod.outlook.com ([fe80::686a:2f6e:32c2:5127%9]) with mapi id 15.20.2263.023; Thu, 19 Sep 2019 11:20:07 +0000
From: "Owen Friel (ofriel)" <ofriel@cisco.com>
To: John Mattsson <john.mattsson@ericsson.com>, Jim Schaad <ietf@augustcellars.com>, 'Alan DeKok' <aland@deployingradius.com>
CC: "draft-ietf-emu-eap-tls13@ietf.org" <draft-ietf-emu-eap-tls13@ietf.org>, 'EMU WG' <emu@ietf.org>
Thread-Topic: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
Thread-Index: AdVKJoKyKr1G5+9hQuKLAEK5rLYqPgfSdnOQAABeFAAABkCJgP//55mA//bAJjCAEoZ6AIAAJXeA///jpID//4j+YAAgT+oAABHGqoD//9GSsP//c42A//71brA=
Date: Thu, 19 Sep 2019 11:20:07 +0000
Message-ID: <CY4PR1101MB2278C3D94372DB5E47AF5D8ADB890@CY4PR1101MB2278.namprd11.prod.outlook.com>
References: <7828_1564869242_5D46027A_7828_348_1_02e001d54a45$e92ae900$bb80bb00$@augustcellars.com> <20b118932a4843b6b88e605799fafea8@aalto.fi> <211AD83C-D111-4EEB-AAF0-D9B5E521F4CF@deployingradius.com> <8F355C6F-DF1E-4E03-B75E-0F1D2508B9D4@ericsson.com> <246280B8-6E5C-484B-95BD-9C940C98C507@deployingradius.com> <CY4PR1101MB22781AB8C8982ACF99B61544DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com> <DAE24683-2B66-40F1-AFC6-77250113B204@deployingradius.com> <1FD26215-86AF-4C64-83ED-AB1D67D1937B@ericsson.com> <DB61AD67-77D5-4EF9-9207-4CD20C3B61C7@deployingradius.com> <CY4PR1101MB2278103D6B59896837905DC2DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com> <BC8ACA1E-D2BE-4E0D-B39A-C105806CA38E@deployingradius.com> <008b01d56eb3$5c51e550$14f5aff0$@augustcellars.com> <CY4PR1101MB22788A2FD4A3C3EFC9280BA5DB890@CY4PR1101MB2278.namprd11.prod.outlook.com> <80E3DD70-C335-4D63-A6B7-E74DEFD69EDF@ericsson.com>
In-Reply-To: <80E3DD70-C335-4D63-A6B7-E74DEFD69EDF@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ofriel@cisco.com;
x-originating-ip: [2001:420:4041:1250:a8b9:6c1c:9fd6:400]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0a112088-79ff-4f94-67e1-08d73cf353bb
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:CY4PR1101MB2214;
x-ms-traffictypediagnostic: CY4PR1101MB2214:
x-ms-exchange-purlcount: 8
x-microsoft-antispam-prvs: <CY4PR1101MB22146A6E2C2D0A811D91552DDB890@CY4PR1101MB2214.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 016572D96D
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(366004)(346002)(396003)(39860400002)(136003)(51444003)(54534003)(199004)(189003)(13464003)(14444005)(55016002)(25786009)(6116002)(9686003)(6306002)(53546011)(6246003)(186003)(6436002)(110136005)(11346002)(71190400001)(8936002)(74316002)(2906002)(486006)(476003)(7736002)(966005)(229853002)(54906003)(86362001)(305945005)(76116006)(102836004)(446003)(5660300002)(33656002)(81156014)(99286004)(46003)(81166006)(52536014)(6506007)(14454004)(71200400001)(7696005)(316002)(478600001)(66446008)(66946007)(8676002)(66556008)(4326008)(64756008)(66476007)(256004)(76176011); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1101MB2214; H:CY4PR1101MB2278.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: LcjuoFUgWAGlvVxnrfviyTMueTxs9QKLxPU5zeaE8SzbC4kx8u4WoarHfT7ReHf5slmBkzlTl8a+e7zUuztNonNJAaYHu1XNHAaxPQ94KMWjtRUHbyyjbcvCwRw6DlS5EUpFWrGZXQspzLk+824iUdfKX/Wgoj74kf2W5JhyBcbxhmGW0kSqj/7PcTDn7I0d9xxcun4ONe4FPqV8tJ3C0HQ2Cwm2ulyOXnJv8TeS1ze8xbpxZY8+jbSrZgr8u1iy8oWARORx3mJ5ZRRlG4Ud5KDntorb1M4XKaxehbTZx0KT8gA6O4nRU4sOuq6cf5u67gT0kv+QqXrsnKWqLVhSKB8YoDqpcAl6CktF68/BzLc1rjaRt9bOwvGlbe+OYTP1HGgnOAlUmQW59Ws/0u7qRqyyKVvwxt97mCBy9BrhRR8=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 0a112088-79ff-4f94-67e1-08d73cf353bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2019 11:20:07.4295 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: s+NaukzMss83KZ4wzynI087fx8w74zkCSToL+V/jGNWgzjzHBP5+WcXrnA5+VJPZSI2ciIq/HlWPnd7sG4GSfA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1101MB2214
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.19, xch-rcd-009.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/CIoNcLC-C_p-HOU6NRgyOPhzth0>
Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2019 11:20:15 -0000
> -----Original Message----- > From: John Mattsson <john.mattsson@ericsson.com> > Sent: 19 September 2019 11:04 > To: Owen Friel (ofriel) <ofriel@cisco.com>; Jim Schaad > <ietf@augustcellars.com>; 'Alan DeKok' <aland@deployingradius.com> > Cc: draft-ietf-emu-eap-tls13@ietf.org; 'EMU WG' <emu@ietf.org> > Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 > > I am starting to come down on the side the EAP-TLS PSK should be specified. > > - I think EAP-PSK should be phased out like all other methods not giving PFS. > - The security of the Dragonfly handshake used in EAP-PWD (and WPA3) > seems quite shaky ( https://eprint.iacr.org/2019/383 ), but I have not looked > into the details. > > - An EAP password method for the future should likely use the PAKE that > CFRG will soon standardize. > - EAP methods should in the future support some PQC key exchange. > > TLS will very likely get support for both the CFRG PAKE and PQC key > exchange algorithms. I am not sure the EAP group want to spend time > updating either EAP-PSK or ESP-PWD. Unless there are other benefits with > EAP-PSK or EAP-PWD, I think standardizing EAP-TLS PSK makes a lot of sense. Right, we have already started a couple of drafts along these lines, but are in a holding pattern now until CFRG are done: https://tools.ietf.org/html/draft-barnes-tls-pake-04 https://tools.ietf.org/html/draft-sullivan-tls-opaque-00 > > I also note that, EAP-PSK is experimental and EAP-PWD is informal. Unless > IETF thinks PSK and passwords should not be used (which does certainly not > seem to be the case as TLS 1.3 is including PSK and CFRG is standardizing > password based AKE) I think that EMU should make some PSK and password > based method Standards Track. At the moment EAP-TLS 1.3 looks like the > best choice. > Additionally, we have had early discussions about updating TEAP RFC7170 to explicitly handle TLS 1.3, these updates could possibly be incorporated into https://tools.ietf.org/html/draft-lear-eap-teap-brski-04 , which is more and more looking like a general TEAP extensions / update draft, not a BRSKI specific draft. And FYI, some movement has been made on TEAP with experimental support added to wpa_supplicant https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog > Jim wrote: > > and more to do with the security properties of the EAP method. > > If that is seen as a problem, standardizing a separate Type-Code for EAP-TLS > with PSK authentication would solve the problem. > > /John > > -----Original Message----- > From: "Owen Friel (ofriel)" <ofriel@cisco.com> > Date: Thursday, 19 September 2019 at 11:17 > To: Jim Schaad <ietf@augustcellars.com>, 'Alan DeKok' > <aland@deployingradius.com> > Cc: "draft-ietf-emu-eap-tls13@ietf.org" <draft-ietf-emu-eap- > tls13@ietf.org>, 'EMU WG' <emu@ietf.org> > Subject: RE: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 Resent > from: <alias-bounces@ietf.org> Resent to: John Mattsson > <john.mattsson@ericsson.com>, <mohit@piuha.net> Resent date: > Thursday, 19 September 2019 at 11:17 > > > > > -----Original Message----- > > From: Jim Schaad <ietf@augustcellars.com> > > Sent: 19 September 2019 07:28 > > To: 'Alan DeKok' <aland@deployingradius.com>; Owen Friel (ofriel) > > <ofriel@cisco.com> > > Cc: draft-ietf-emu-eap-tls13@ietf.org; 'EMU WG' <emu@ietf.org> > > Subject: RE: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 > > > > I am going to come down on the side of no PSK should not be supported. > > However my issues have nothing to do with how things are implemented > > and more to do with the security properties of the EAP method. > > > > When you use certificates, there is no leakage of who the client is as this > is > > encrypted by TLS. When you use a restore session ticket, it is possible to > limit > > the number of times that the ticket can be used (for example once). > > The PSK identity is public and unprotected so it can be used to track. If > one is > > using PSK for the purpose of authentication then that value will always be > > visible to intermediate parties for the purpose of tracking. > > This can be slightly mitigated by using restore session tickets with PSK, > but > > you are going to send that PSK identifier over the wire many times. > > The IoT use case is to use the PSK one time for authentication during > bootstrapping, then get credentialed, and thereafter use a certificate for > subsequent EAP authentications. The bootstrap PSK enables proof of > possession i.e. the thing will only bootstrap against a network that knows its > PSK. > > > > > > > This is just informational and can be ignored: > > > > My current favorite way to deal with PSK/ticket identifiers is with > > encryption: > > > > 32 bytes of index into table > > 32 bytes of date information > > 32 bytes of SIV (synthetic IV) > > > > Encrypt the first two items using the SIV. You can then have multiple > keys for > > decryption. One for PSKs and a resolving one for session tickets. If the > > identifier does not decrypt then you reject. Otherwise you look at the > date > > information and the index in the table for the secret information. > > > > It is even possible to play games with AAD to do things like scope the > tickets > > up front - if you put in the name/address of the NAS then you have a > > prescreen on where the ticket can be used. > > > > Jim > > > > > > > > > > -----Original Message----- > > From: Emu <emu-bounces@ietf.org> On Behalf Of Alan DeKok > > Sent: Wednesday, September 18, 2019 2:59 PM > > To: Owen Friel (ofriel) <ofriel@cisco.com> > > Cc: draft-ietf-emu-eap-tls13@ietf.org; EMU WG <emu@ietf.org> > > Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 > > > > On Sep 18, 2019, at 5:42 PM, Owen Friel (ofriel) <ofriel@cisco.com> > wrote: > > > Giving some implementation guidance seems appropriate here. > Naively, > > > one > > could envisage the implementation simply having a DB table for extern > PSKs > > and a table that holds NewSessionTickets. An implementation could > simply > > check the extern PSK table using the PskIdentity.identity, and if no match > is > > found then check the NewSessionTickets table. > > > > Which works, but should be called out in the draft. > > > > And what is to prevent the system from generating conflicting PSK > > identities? i.e. I don't control OpenSSL. From what I see, TLS 1.3 > resumption > > means that OpenSSLL will choose whatever PSK identity it deems fit. > > > > As an implementor and/or admin, how do I choose *pre-provisioned* > PSK > > identities which won't conflict with the ones OpenSSL choose? > > > > > The default OpenSSL NSK ticketId is 32 bytes long > > https://protect2.fireeye.com/url?k=fa7cdbfa-a6f60f3b-fa7c9b61- > 863d9bcb726f- > 0570ce4a3462cb4b&q=1&u=https%3A%2F%2Fgithub.com%2Fopenssl%2Fop > enssl%2Fblob%2F558ea84743918f7a93bfbfc259f86a > > d1fa4c > > 8de9/include/openssl/ssl3.h#L127 so something has gone seriously > wrong if > > there is a clash (poor randoms, etc.). > > > > i.e. "pick a long string and that should be good enough". > > > > If that really is the guidance, then this should also be called out in the > draft. > > PSK identities MUST be long (ideally 32 octets or more), and MUST be > > generated from a CSPRNG. > > > > Which then leads to the question of what will the poor user enter in a > UI? > > If "end users" shouldn't be doing this, the draft also needs to call that > out. > > > > > Well, more precisely, the PSK identity is visible in the ClientHello, > > > not > > the actual PSK of course. > > > > Sure. > > > > > And the PSK *must not* be a user-manageable string such as the > > >> NAI. On the other hand, if the PSK is sent after encryption begins, > > >> then the PSK *should* be a user-manageable string such as an NAI. > > > > > > https://tools.ietf.org/html/rfc8446#section-2.2 also states: > > > ... > > > so TLS-PSK is not suitable for a user entered low entropy password. We > > > need a PAKE for that (c.f. the ongoing CFRG PAKE assessment) > > > > Sure. > > > > > There are some use cases Eliot and I are looking at related to IoT > > onboarding where a TLS-PSK authentication has definite value, and we > really > > don't want to see this avenue closed off in EAP. > > > > I don't know the exact use-case, but TBH I'd suggest EAP-PWD for that. > > I'm not sure that EAP-TLS with PSK adds any value here. > > > > Allowing PSK means that the draft should likely say "end users MUST > NOT > > be using TLS-PSK". Or maybe "TLS-PSK MUST be used only where > systems > > can be automatically provisioned with long binary data for both PSK > identity > > and PSK itself". Or even "PSK identities and/or passwords that are > composed > > solely of printable ASCII characters are likely to be humanly entered, and > > thus insecure". > > > > Which means, of course, that people will ignore that and demand simple > > user names / passwords for EAP-TLS with PSK. Because that's ever so > much > > easier than using nasty certs. > > > > That isn't something we should encourage. It may be worth just > forbidding > > it. > > > > Alan DeKok. > > > > _______________________________________________ > > Emu mailing list > > Emu@ietf.org > > https://www.ietf.org/mailman/listinfo/emu > >
- [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 Jim Schaad
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Aura Tuomas
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Jim Schaad
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Michael Richardson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Michael Richardson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Jorge Vergara
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey