Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
Joseph Salowey <joe@salowey.net> Wed, 06 January 2021 06:24 UTC
Return-Path: <joe@salowey.net>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFC683A115C for <emu@ietfa.amsl.com>; Tue, 5 Jan 2021 22:24:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bmGKNJWs1xU3 for <emu@ietfa.amsl.com>; Tue, 5 Jan 2021 22:24:16 -0800 (PST)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA4F93A115E for <emu@ietf.org>; Tue, 5 Jan 2021 22:24:15 -0800 (PST)
Received: by mail-lf1-x12f.google.com with SMTP id l11so4286843lfg.0 for <emu@ietf.org>; Tue, 05 Jan 2021 22:24:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JUdDGNJqhCstfGGv4py1goeLgHivIvglmdJhcnbtjvY=; b=EY57Fq4VK0hGxXiVaKIEm1DDEMhrT3N7owzyqtJ/sz02oKenZT7bJ4tjLEwM9kvEV5 /6DjzZQPBNm5wea0pXkinL30F/vCcGiTke1tK59Gvb9WkcdHvQ/0N1rrZDK0O8u7TDkr IoGpaB90xEDlz58c6pWASNa7Tx28RIfC1p/VoSzk3jJIbDzlREh++pK/2zsIe58x07eV 1AH2KXSUH7w9AI+hD9GbUCS3qmlfX9XkiiwNrKQIffzXbDTymQes4Ca+r1BzO4jkg8Aq c9BfsfdT245OePZFrL19E2V3YZ3f87V5FGD6ePsOFpxrtOvyqIUEahCcJn5uS27K2IzB TxUQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JUdDGNJqhCstfGGv4py1goeLgHivIvglmdJhcnbtjvY=; b=TlKkKfYoClvi8afCd8mZp2yd3/GoUoZZca7UFXfnDfWqQTEkJ/sl56J3SgFL2JMt6E v/y5YY7W58aOODM0nCieW7z01yW9MZwLzvGsJSbE3XE/IKu2oCSyT5qGuCPK8kaYwD24 fHYtWCLecTKUdp+9AMgvCiurScFwXvH59dzhXpyh4MGtVpBXEoXjLM1x+j8se8jLqX42 YKH/Ph5L0m7DTxk0WtsRjraU5LeKRivI1jpCoEdx0zzS3eQjOuHAkZODeMfFGlFuw+uB yteHgSAgY/vOSVK+IC67U65WlYZb4Q3ODbkyB3s6s1jMR1aVz+7W3AtYI4Glo7Ly2gsU Uamw==
X-Gm-Message-State: AOAM530Lj6OM39Ty4Pbg1narzu0D/u2ApA3K4buSDzwME8dGMoMqkehk duWNPeT6hbv4E1D3sb4bUftu3HVKNwTFAAMBb9PjDA==
X-Google-Smtp-Source: ABdhPJw3UxxTz52i8qa4nkHqQMSSjDi7SH4beQ75MZiADxOdThDKMCWlooB0XejW4oku7Eu1wdykFMxOa6AwxvR6ntQ=
X-Received: by 2002:a2e:98d1:: with SMTP id s17mr1532983ljj.308.1609914253807; Tue, 05 Jan 2021 22:24:13 -0800 (PST)
MIME-Version: 1.0
References: <160815821055.25925.15897627611548078426@ietfa.amsl.com> <20201216223842.GR64351@kduck.mit.edu> <0f2b05db-5c98-43d4-aae3-cf620814bacc@www.fastmail.com> <A4BBA31B-8754-4D8C-B0F1-D1C6C859F6AE@deployingradius.com> <CAOgPGoBvBzhA0q4gFqpFSm2HkAs6NoyLc6RVZYLtTYsNd02i8A@mail.gmail.com> <e669002f-caff-1e6e-e28b-d09157eb0c07@ericsson.com> <6241F0B6-C722-449E-AC3A-183DE330E7B5@deployingradius.com> <9ddd1593-3131-f5cc-d0db-74bf3db697bf@ericsson.com> <3CB58153-8CCA-4B1E-B530-BA67A6035310@deployingradius.com>
In-Reply-To: <3CB58153-8CCA-4B1E-B530-BA67A6035310@deployingradius.com>
From: Joseph Salowey <joe@salowey.net>
Date: Tue, 05 Jan 2021 22:24:02 -0800
Message-ID: <CAOgPGoA3U+XpZMY7J+KGovNx6MtAdEzRaGW33xVJdQNWSi4LVg@mail.gmail.com>
To: Alan DeKok <aland@deployingradius.com>
Cc: Mohit Sethi M <mohit.m.sethi@ericsson.com>, EMU WG <emu@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000037a71e05b8355f9f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/R2_76BucpvGKtg6NRJ_wsuDRdZg>
Subject: Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jan 2021 06:24:19 -0000
On Tue, Jan 5, 2021 at 8:31 AM Alan DeKok <aland@deployingradius.com> wrote: > On Jan 5, 2021, at 11:13 AM, Mohit Sethi M <mohit.m.sethi@ericsson.com> > wrote: > > > > Hi Alan, > > > > Cleaning up the email. The current draft says the exporter should be > called once as: > > > >> Key_Material = TLS-Exporter("EXPORTER_EAP_TLS_Key_Material", > >> Type-Code, 128) > >> > > and then split the 128 into MSK (64) and EMSK (64). As said, from > initial glance, it seems the exporter is called twice (once in > eap_tls_get_emsk and once in eap_tls_getKey). Both the calls are with > exactly the same context, context length, and labels. In getKey, the EMSK > parts are cleared with > >> os_memset(eapKeyData + EAP_TLS_KEY_LEN, 0, EAP_EMSK_LEN); > > while in get_emsk, they are read with > > > > > >> os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN, > >> > >> > >> EAP_EMSK_LEN); > > Maybe we can live with this. But if exporter is called twice, we should > use different labels as suggested by Martin? > > Yes. > > Perhaps as Joe suggested: EXPORTER_EAP_TLS_MSK and > EXPORTER_EAP_TLS_EMSK, which seem simple enough. > > [Joe] I created a pull request ( https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/17) with the proposed labels. Is this change going to cause significant problems for implementation? > Alan DeKok. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [Emu] Benjamin Kaduk's Discuss on draft-ietf-emu-… Benjamin Kaduk via Datatracker
- [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Emu] Benjamin Kaduk's Discuss on draft-ietf-… Alan DeKok
- Re: [Emu] Benjamin Kaduk's Discuss on draft-ietf-… Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Martin Thomson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Martin Thomson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Martin Thomson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Martin Thomson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [Emu] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Salz, Rich
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Michael Richardson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Dan Harkins
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Michael Richardson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- [Emu] Fwd: [TLS] Fwd: Benjamin Kaduk's Discuss on… Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Martin Thomson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Jorge Vergara
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … John Mattsson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Jorge Vergara
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Mohit Sethi M
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Jorge Vergara
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Peter Gutmann
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Salz, Rich
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Jorge Vergara
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Alan DeKok
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Benjamin Kaduk
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Joseph Salowey
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … John Mattsson
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … Eric Rescorla
- Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on … John Mattsson