IETF Logo Mail Archive

Re: [Emu] Potential Notes in EAP-FAST Documents

Tim Polk <tim.polk@nist.gov> Wed, 04 March 2009 14:42 UTC

Return-Path: <tim.polk@nist.gov>
X-Original-To: emu@core3.amsl.com
Delivered-To: emu@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E8A923A6C8E; Wed, 4 Mar 2009 06:42:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.544
X-Spam-Level:
X-Spam-Status: No, score=-6.544 tagged_above=-999 required=5 tests=[AWL=0.055, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kM4ceBSQ646I; Wed, 4 Mar 2009 06:42:24 -0800 (PST)
Received: from smtp.nist.gov (rimp2.nist.gov [129.6.16.227]) by core3.amsl.com (Postfix) with ESMTP id BCD083A6C7D; Wed, 4 Mar 2009 06:42:24 -0800 (PST)
Received: from [129.6.224.67] ([129.6.224.67]) by smtp.nist.gov (8.13.1/8.13.1) with ESMTP id n24Egbme005170; Wed, 4 Mar 2009 09:42:47 -0500
Message-Id: <DC3C133D-80CF-444A-A999-86E2D48F3113@nist.gov>
From: Tim Polk <tim.polk@nist.gov>
To: Tim Polk <tim.polk@nist.gov>
In-Reply-To: <DF99D1BF-7A3A-41C6-B161-FD609410DE59@nist.gov>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Wed, 04 Mar 2009 09:47:25 -0500
References: <BLU137-W531ACB9BE00127DB8595D993C30@phx.gbl> <808FD6E27AD4884E94820BC333B2DB7727E78F274C@NOK-EUMSG-01.mgdnok.nokia.com> <006c01c98781$5d6b8bf0$1842a3d0$@net> <808FD6E27AD4884E94820BC333B2DB7727E78F2B67@NOK-EUMSG-01.mgdnok.nokia.com> <003201c9880d$e8160780$b8421680$@net> <DF99D1BF-7A3A-41C6-B161-FD609410DE59@nist.gov>
X-Mailer: Apple Mail (2.930.3)
X-NIST-MailScanner: Found to be clean
X-NIST-MailScanner-From: tim.polk@nist.gov
Cc: emu@ietf.org, "iesg@ietf.org IESG" <iesg@ietf.org>
Subject: Re: [Emu] Potential Notes in EAP-FAST Documents
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2009 14:42:26 -0000

Folks,

I have been sorting through the email trail on this one.  In my  
opinion, there is *rough* consensus for the notes and approach that I  
proposed in this email.  Minor revisions were suggested, but the  
subsequent email thread seems to show the stated text was acceptable.

I have also reviewed the "key derivation differences" thread.  To  
quote Jouni's email from
24 February:
> In other words, we cannot come up with a EAP-MSCHAPv2 MSK derivation  
> rules that would cleanly fit into all deployed uses and there will  
> unfortunately be need for tunnel method specific exception in either  
> EAP-PEAP with cryptobinding or EAP-FAST. Either way, it would be  
> useful to get this documented clearly so that all future uses of EAP- 
> MSCHAPv2 would be able to refer to an existing specification instead  
> of having to come up with their own MSK/ISK derivation rules as was  
> done with EAP-PEAP cryptobinding and EAP-FAST.

I agree that it will be good to get this documented clearly for future  
specs, but do not see an impact on current specs, so I am not  
requesting any further changes to the documents.

Accordingly, I have asked the IESG Secretary to forward the proposed  
IESG notes to the RFC
Editor.

Thanks,

Tim Polk

On Feb 11, 2009, at 9:26 AM, Tim Polk wrote:

> Folks,
>
> As the AD that sponsored publication of the EAP-FAST documents under  
> discussion,
> I have been trying to find the best way forward.  I believe that the  
> best course of action
> involves some clarifications to draft-cam-winget-eap-fast- 
> provisioning to distinguish
> the modified and unmodified use of EAP-MSCHAPv2, and IESG notes to  
> ensure these
> publications do not establish precedent for future reuse of EAP type  
> codes with
> different semantics.
>
> First, I support revising draft-cam-winget-eap-fast-provisioning so  
> that the modified
> form of EAP-MSCHAPv2 is consistently referred to as EAP-FAST- 
> MSCHAPv2.  The
> authors offered to make this change earlier in the thread, and I  
> have seen some
> support and no opposition to this suggestion.
>
> Second, I will be offering the following text for IESG notes on both  
> documents.  The
> notes clearly state the drawbacks for EAP type code reuse and define  
> an acceptable
> path for future protocol developers.
>
> ------ draft-cam-winget-eap-fast-provisioning -----
>
>    EAP-FAST has been implemented by many vendors and it is used in the
>    Internet.  Publication of this specification is intended to promote
>    interoperability by documenting current use of existing EAP methods
>    within EAP-FAST.
>
>    The EAP method EAP-FAST-MSCHAPv2 reuses the EAP type code  
> assigned to
>    EAP-MSCHAPv2 (26) for authentication within an anonymous TLS  
> tunnel.  In
>    order to minimize the risk associated with an anonymous tunnel,  
> changes
>    to the method were made that are not interoperable with EAP- 
> MSCHAPv2.
>    Since EAP-MSCHAPv2 does not support method-specific version  
> negotiation,
>    the use of EAP-FAST-MSCHAPv2 is implied by the use of an anonymous
>    EAP-FAST tunnel.  This behavior may cause problems in  
> implementations
>    where the use of unaltered EAP-MSCHAPv2 is needed inside an  
> anonymous
>    EAP-FAST tunnel.  Since such support requires special case  
> execution of
>    a method within a  tunnel, it also complicates implementations  
> that use
>    the same method code both within and outside of the tunnel  
> method. If
>    EAP-FAST  were to be designed today, these difficulties could be  
> avoided
>    by utilization of unique EAP Type codes. Given these issues,  
> assigned
>    method types must not be re-used with different meaning inside  
> tunneled
>    methods in the future.
>
> ----  draft-zhou-emu-fast-gtc  ------
>
>    EAP-FAST has been implemented by many vendors and it is used in the
>    Internet.  Publication of this specification is intended to promote
>    interoperability by documenting current use of existing EAP methods
>    within EAP-FAST.
>
>    The EAP method EAP-FAST-GTC reuses the EAP type code assigned to
>    EAP-GTC (6).  The reuse of previously assigned EAP Type Codes is
>    incompatible with EAP method negotiation as defined in RFC 3748.   
> Since
>    EAP-GTC does not support method-specific version negotiation,   
> the use of
>    EAP-FAST-GTC is implied when used inside the EAP-FAST tunnel during
>    authentication. This behavior may cause problems in  
> implementations where
>    the use of another vendor's EAP-GTC is required.  Since such  
> support requires
>    special case execution of a method within a tunnel, it also  
> complicates
>    implementations that use the same method code both within and  
> outside of
>    the tunnel method. If EAP-FAST were to be designed today, these
>    difficulties could be avoided by utilization of unique EAP Type  
> codes.
>    Given these issues, assigned method types must not be re-used with
>    different meaning inside tunneled methods in the future.
>
> I am not under the illusion that this text will be entirely  
> satisfactory to anyone,
> but I believe that it is an *appropriate* resolution to the problem.
>
> Thanks,
>
> Tim Polk

v2.23.0 | Report a Bug | By Email