Re: [Emu] More TEAP issues
Jouni Malinen <j@w1.fi> Wed, 30 November 2022 18:33 UTC
Return-Path: <j@w1.fi>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99F9AC152594 for <emu@ietfa.amsl.com>; Wed, 30 Nov 2022 10:33:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w1.fi
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NOU0rQIgf7Zz for <emu@ietfa.amsl.com>; Wed, 30 Nov 2022 10:33:03 -0800 (PST)
Received: from mail.w1.fi (mail.w1.fi [212.71.239.96]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09F52C14CE57 for <emu@ietf.org>; Wed, 30 Nov 2022 10:33:01 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.w1.fi (Postfix) with ESMTP id 28C04110C0; Wed, 30 Nov 2022 18:32:59 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at w1.fi
Received: from mail.w1.fi ([127.0.0.1]) by localhost (mail.w1.fi [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sFx_ZntFW7V0; Wed, 30 Nov 2022 18:32:56 +0000 (UTC)
Received: by jm (sSMTP sendmail emulation); Wed, 30 Nov 2022 20:32:54 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=w1.fi; s=default; t=1669833176; bh=94raBWxDMRTYRF0v1Ot/W5046Qx3x2UpurPCPXsr6vo=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=r/Ci36iI2g/HkRNM72wA89xpTEHoljm5KJbW2yzuW57RzYE8eAjQH7L8WgkRwjvPr vHN9y0qHxYNP1CJNTnnATzfxhg3VYkN7gFGAZon+hPXStK8MdOAiZsE5HrXfUmgSNe OSuZ9lUcXOglUHouNSxelKSQn1JVrMI5+UXyE7NpfQfEKVrg5TUWlyIiZvQFnhmgb1 bt+PeZ683nkJ/f2xvw1R7IuEYRr+cXV6pKrLxlQIuNDGJAYcK/b6SrDMgK8R5kmKYy dYc7Bg4NWgktEwQF5UrU0CDJ2H4yptd6P2SAIfURW9bc4gqQeRIDkS2Jd+WD7g/Ohd DDCEVk+XoPvzg==
Date: Wed, 30 Nov 2022 20:32:54 +0200
From: Jouni Malinen <j@w1.fi>
To: Alexander Clouter <alex+ietf@coremem.com>
Cc: EMU WG <emu@ietf.org>
Message-ID: <20221130183254.GB452842@w1.fi>
References: <449FBD6E-34F7-49A2-A9A1-72BD716E1DDA@deployingradius.com> <b6b1d0d3-18ea-4d2c-9935-5fec335b191b@app.fastmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <b6b1d0d3-18ea-4d2c-9935-5fec335b191b@app.fastmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/KQlPoz1ohDf8crv6meQRjg7Hq9c>
Subject: Re: [Emu] More TEAP issues
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Nov 2022 18:33:07 -0000
On Wed, Nov 30, 2022 at 03:01:08PM +0000, Alexander Clouter wrote: > On Tue, 29 Nov 2022, at 22:34, Alan DeKok wrote: > > Based on interoperability testing, it looks like implementations > > followed EAP-FAST for derivation of the MS-MPPE keys, and not RFC 7170: > EAP-FAST almost does not document this until you look at a latter RFC covering the provisioning component: > > https://www.rfc-editor.org/rfc/rfc5422#section-3.2.3 And that section has a history of its own.. If you take a look at the latest draft (-10), that language is not there, i.e., it got added quite late in the process and the related discussions were not exactly considering this positively. If I remember correctly, this mismatch with how EAP-MSCHAPv2 was defined was seen as something that should not really have been done and the EAP-FAST-MSCHAPv2 was named such to be distinguished from EAP-MSCHAPv2 and also as a reminder not to use this variant for anything else than EAP-FAST (which had already been deployed with it). Nevertheless, here we are 15 years later hitting this exact same thing with TEAP having been deployed with the design that was not supposed to be repeated.. > Really easy to miss for an implementer, especially as when you start implementing FAST (or TEAP) you begin with authentication and think you can ignore the PAC component at first. While I started working on TEAP implementation by copying FAST implementation to be the starting point, one of my first steps was to try to remove all the hacks needed to get EAP-FAST interoperable since I was familiar with the history.. But yes, it would be next to impossible to implement either EAP-FAST or EAP-TEAP based on just the RFCs and get to something that interoperates with anything already deployed. > The other biggy is that it is easy to miss that for each EAP method in a sequence, you need to include an EAP Identity response along with the Identity-Type TLV to the peer. And that will hopefully not include another instance of Crypto-Binding for the EAP-Identity exchange. This is related to one of my errata comments on EAP method vs. EAP authentication method (the latter needs crypto binding; the former probably does not, but RFC 7170 is not clear). > > 3) declare 7170 irretrievably broken, and write 7170bis which > > documents how TEAP version 1 operates in practice. > > This is my preference too. While this might not result in the cleanest protocol design, I'd agree that this is likely the best approach from the view point of getting something useful out there and into wider use. Regarding a separate comment about new TLVs (and new functionality in general, I'd guess), I have no significant issues including that in a new RFC, but I do hope that the initial focus would be in addressing the existing areas and already identified issues to get to a point where there is a clearly identifiable Internet-Draft describing how one can successfully implement EAP-TEAP in a manner that interoperates with deployed implementations. -- Jouni Malinen PGP id EFC895FA
- [Emu] More TEAP issues Alan DeKok
- Re: [Emu] More TEAP issues Joseph Salowey
- Re: [Emu] More TEAP issues Eliot Lear
- Re: [Emu] More TEAP issues Alan DeKok
- Re: [Emu] More TEAP issues Alexander Clouter
- Re: [Emu] More TEAP issues Jouni Malinen
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Bruno Pereira Vidal
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Joseph Salowey
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Eliot Lear
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Alan DeKok
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Alexander Clouter
- Re: [Emu] [EXTERNAL] Re: More TEAP issues Peter Yee
- Re: [Emu] More TEAP issues Owen Friel (ofriel)
- Re: [Emu] More TEAP issues Alan DeKok