Re: [Emu] Adoption call for EAP-DPP

Behcet Sarikaya <sarikaya2012@gmail.com> Fri, 19 August 2022 15:22 UTC

References: <01bf01d8b1ac$81233890$8369a9b0$@akayla.com> <CAC8QAcfzQHQg4GQNaqG5k9QJ00-CBCPnwdseLUSYQ=me4rGXEQ@mail.gmail.com> <a9dc5a50-1dbe-614a-1453-63be90286c65@lounge.org>
In-Reply-To: <a9dc5a50-1dbe-614a-1453-63be90286c65@lounge.org>
Reply-To: sarikaya@ieee.org
From: Behcet Sarikaya <sarikaya2012@gmail.com>
Date: Fri, 19 Aug 2022 10:22:45 -0500
Message-ID: <CAC8QAcdZqcYEoaxVU=G6hWmgkrrgPZO1r-8r=rp38MR5mm5k=w@mail.gmail.com>
To: Dan Harkins <dharkins@lounge.org>
Cc: emu@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/NUz_yN5rO94j1FS5AbdcetCQGcg>
Subject: Re: [Emu] Adoption call for EAP-DPP

Hi Dan,


On Thu, Aug 18, 2022 at 9:54 AM Dan Harkins <dharkins@lounge.org> wrote:

>
>   Hi Behcet,
>
> On 8/17/22 2:36 PM, Behcet Sarikaya wrote:
>
> Hi Peter,
>
> I quickly read this short document and have some comments.
>
> In the informative references section, DPP is listed as Device
> Provisioning Profile while it should be Device Provisioning Protocol.
> Actually, in the acronyms section the name is correctly given. However,
> the DPP acronym is not properly expanded in the first use of the acronym
> which is in Section 1. Also the same could be said of the other acronyms
>
>
>   Good catch. We'll fix that.
>
> Also the date of DPP document seems to be wrong, I think the version 1.1
> was dated 2018.
>
>
>   I think the Wi-Fi Alliance has released v2. I'll check and we'll fix
> this if needed.
>
>
I think there is no v2.


> Probably more seriously though, the document says DPP does not support
> wired network access in Section 1 but maybe the authors are not aware that
> there is something called wired only DPP which is defined in another WiFi
> Alliance document in Section 2.3.5 of
>
> Wi-Fi Easy Connect™ Specification v2.0.
> This document is dated 2020; maybe the authors should reference this
> document, then the date will be correct 👍🏻.
>
>
>   The DPP-over-TCP solution will not work. DPP-over-TCP was added to
> enable centralization of DPP services in devices which might not have an
> 802.11 interface. Think of a central network server that implements a DPP
> Configurator that is connected to multiple access points in an ESS. The
> APs will just de-capsulate the 802.11 frames they receive, re-encapsulate
> them in TCP/IP headers and send them to the central network server who
> processes them and responds with TCP packets to which the inverse
> operation is performed by the AP. That said, it is certainly possible for
> two entities to speak a complete DPP conversation over TCP without the
> use of 802.11. But as I said this won't work here.
>
>   The reason this won't work is the "Onboarding Catch-22" where you need
> a credential to get on the network but need to get on the network to get
> a credential. DPP-over-TCP requires an IP address. How do you get an IP
> address? Well, after "link up" on your wired connection you do EAP and
> authenticate, and then do DHCP. But how do you do EAP?
>
>
Yes, it is a good question, but it is answered in detail in Section 2.3.5 of
the Wi-Fi Easy Connect Specification. Fig. 9 there on page 40 shows the
message flow.
The client there already has an IP address. The issue there is how the
client will get the IP address of the DPP controller. They propose several
solutions including DNS.
Authentication is based on these three messages exchanged: DPP Auth Req/DPP
Auth Res/DPP Auth Conf.
There is no EAP. EAP in DPP is used in 802.1X with the EAPOL-Key message.

Behcet

>   regards,
>
>   Dan.
>
> Behcet
>
> On Tue, Aug 16, 2022 at 3:12 PM Peter Yee <peter@akayla.com> wrote:
>
>> This is an adoption call for EAP-DPP (draft-friel-tls-eap-dpp-05)[1]. This
>> document aligns with the charter item to "Define mechanisms by which EAP
>> methods can support creation of long-term credentials for the peer based
>> on
>> initial limited-use credentials." The latest revision incorporates
>> feedback
>> from both the TLS and EMU working groups. Please review and respond to the
>> list if you think this document is or is not an appropriate working group
>> item for EMU by September 1, 2022.
>>
>> Thanks,
>>
>> Peter and Joe
>>
>> [1] https://datatracker.ietf.org/doc/draft-friel-tls-eap-dpp/
>>
>>
>> _______________________________________________
>> Emu mailing list
>> Emu@ietf.org
>> https://www.ietf.org/mailman/listinfo/emu
>>
>
> --
> "The object of life is not to be on the side of the majority, but to
> escape finding oneself in the ranks of the insane." -- Marcus Aurelius
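The three-message exchange Behcet refers to above (DPP Authentication Request, Response and Confirm), written out as an added runnable model. This is not code from this thread, from the EAP-DPP draft, or from the Wi-Fi Easy Connect specification. It runs the Initiator and Responder roles against each other in one Python process and hands each message over as the byte string that would form the DPP Public Action frame body (or the payload that an AP would re-encapsulate for DPP-over-TCP). Assumptions: P-256 ECDH and HKDF-SHA256 with the spec's label strings, but HMAC-SHA256 tags stand in for the spec's AES-SIV wrapping, the bootstrap-key hashes are taken over the raw x||y coordinates rather than the DER SubjectPublicKeyInfo, the capabilities, version and channel attributes are omitted, and the fixed-offset message layout replaces the spec's attribute TLVs.

```python
import hashlib, hmac, os

# P-256 domain parameters and minimal affine arithmetic (demo only, not constant-time)
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def ec_add(p1, p2):
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0: return None        # Q + (-Q) = point at infinity
    if p1 == p2: lam = (3 * x1 * x1 - 3) * pow(2 * y1, -1, P) % P   # a = -3 for P-256
    else:        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def keypair():
    d = 1 + int.from_bytes(os.urandom(32), "big") % (N - 1)
    return d, ec_mul(d, G)

def enc(pt): return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")   # x || y
def dec(b):  return (int.from_bytes(b[:32], "big"), int.from_bytes(b[32:64], "big"))
def xb(pt):  return pt[0].to_bytes(32, "big")                                # "P.x" in the spec
def H(*parts): return hashlib.sha256(b"".join(parts)).digest()

def hkdf(salt, ikm, info, length=32):                 # HKDF-SHA256 (RFC 5869)
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    out, t, i = b"", b"", 1
    while len(out) < length:
        t = hmac.new(prk, t + info + bytes([i]), hashlib.sha256).digest()
        out, i = out + t, i + 1
    return out[:length]

def check(cond, msg):
    if not cond: raise ValueError(msg)

def wrap(key, data):                                  # assumed stand-in for AES-SIV: tag || plaintext
    return hmac.new(key, data, hashlib.sha256).digest() + data

def unwrap(key, blob):
    check(hmac.compare_digest(blob[:32], hmac.new(key, blob[32:], hashlib.sha256).digest()),
          "wrapped data failed integrity check")
    return blob[32:]

def dpp_mutual_auth(bI, BI, bR, BR):
    """Initiator (private bI, learned BR out of band) against Responder (private bR,
    knows BI).  Returns the ke derived by each side; they match only if both
    authentication checks pass.  Raises ValueError on any failed check."""
    # ---- DPP Authentication Request: Initiator -> Responder ----
    pI, PI = keypair()                                # Initiator protocol key
    M = ec_mul(pI, BR)
    k1 = hkdf(b"", xb(M), b"first intermediate key")
    i_nonce = os.urandom(16)
    auth_req = H(enc(BR)) + H(enc(BI)) + enc(PI) + wrap(k1, i_nonce)

    # ---- Responder processes the Request and builds the Response ----
    check(auth_req[:32] == H(enc(BR)), "Request is not for my bootstrap key")
    check(auth_req[32:64] == H(enc(BI)), "unknown Initiator bootstrap key")
    PI_r = dec(auth_req[64:128])
    M_r = ec_mul(bR, PI_r)                            # same M: bR*pI*G == pI*bR*G
    i_nonce_r = unwrap(hkdf(b"", xb(M_r), b"first intermediate key"), auth_req[128:])
    pR, PR = keypair()                                # Responder protocol key
    N_r = ec_mul(pR, PI_r)
    k2 = hkdf(b"", xb(N_r), b"second intermediate key")
    L_r = ec_mul((bR + pR) % N, BI)                   # mutual-auth term, needs bR
    r_nonce = os.urandom(16)
    ke_r = hkdf(i_nonce_r + r_nonce, xb(M_r) + xb(N_r) + xb(L_r), b"DPP Key")
    r_auth = H(i_nonce_r, r_nonce, xb(PI_r), xb(PR), xb(BI), xb(BR), b"\x00")
    auth_resp = H(enc(BR)) + H(enc(BI)) + enc(PR) + wrap(k2, r_nonce + i_nonce_r + wrap(ke_r, r_auth))

    # ---- Initiator processes the Response and builds the Confirm ----
    check(auth_resp[:64] == auth_req[:64], "Response hashes do not match my Request")
    PR_i = dec(auth_resp[64:128])
    N_i = ec_mul(pI, PR_i)
    body = unwrap(hkdf(b"", xb(N_i), b"second intermediate key"), auth_resp[128:])
    r_nonce_i, i_nonce_echo, inner = body[:16], body[16:32], body[32:]
    check(i_nonce_echo == i_nonce, "I-nonce mismatch: replay or wrong peer")
    L_i = ec_mul(bI, ec_add(BR, PR_i))                # same L: bI*(bR+pR)*G, needs bI
    ke_i = hkdf(i_nonce + r_nonce_i, xb(M) + xb(N_i) + xb(L_i), b"DPP Key")
    check(unwrap(ke_i, inner) == H(i_nonce, r_nonce_i, xb(PI), xb(PR_i), xb(BI), xb(BR), b"\x00"),
          "R-auth failed: Responder did not prove possession of bR")
    i_auth = H(r_nonce_i, i_nonce, xb(PR_i), xb(PI), xb(BR), xb(BI), b"\x01")
    auth_conf = H(enc(BR)) + H(enc(BI)) + wrap(ke_i, i_auth)

    # ---- Responder verifies the Confirm: Initiator proved possession of bI ----
    check(unwrap(ke_r, auth_conf[64:]) == H(r_nonce, i_nonce_r, xb(PR), xb(PI_r), xb(BR), xb(BI), b"\x01"),
          "I-auth failed: Initiator did not prove possession of bI")
    return ke_i, ke_r

if __name__ == "__main__":
    bI, BI = keypair(); bR, BR = keypair()            # bootstrapping keys, e.g. from QR codes
    ke_i, ke_r = dpp_mutual_auth(bI, BI, bR, BR)
    print("both sides derived the same ke:", ke_i == ke_r)
```

Run as a script it reports whether both sides derived the same ke. The point to notice is that nothing in the exchange is an EAP round trip: the Responder accepts the Confirm only if the Initiator could compute L, which requires the bootstrap private key behind B_I, and the Initiator accepts the Response only if the Responder could compute L from b_R. What the model deliberately leaves out is how the Initiator reached the Responder's address in the first place, which is the step the two messages above disagree about.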