Re: [Emu] New Version Notification for draft-janfred-eap-fido-02.txt

Jan-Frederik Rieckers <rieckers@dfn.de> Fri, 01 March 2024 21:08 UTC


Hi emu folks,

I just posted a new version of the EAP-FIDO draft.

We had some discussion on the name "EAP-FIDO" at the last IETF and we 
have come up with some name options since, but none of them resonate 
with me yet.

I have started a pad with different name options; everyone is invited to 
chime in: https://md.kif.rocks/VcVOg34pSFWh64Ev_JsG6Q


For the changes from the previous version:

There was some rewording in several paragraphs, and I've added some text 
around error handling.

The most prominent change from the previous draft version is that we now 
propose that, in the standard use case, the user only configures the 
Relying Party ID and that the server certificate is then valid for 
"eap-fido-authentication.<RPID>" (or something similar, depending on the 
final name for the protocol).


I am planning to work on an implementation during the hackathon so that 
I have a better understanding and can identify possible missing spec and 
the different error conditions that we need to signal.

I will be presenting my progress at the emu session in Brisbane.


Comments are welcome, as always.


See you in Brisbane,

Janfred

On 01.03.24 21:34, internet-drafts@ietf.org wrote:
> A new version of Internet-Draft draft-janfred-eap-fido-02.txt has been
> successfully submitted by Jan-Frederik Rieckers and posted to the
> IETF repository.
> 
> Name:     draft-janfred-eap-fido
> Revision: 02
> Title:    EAP-FIDO
> Date:     2024-03-01
> Group:    Individual Submission
> Pages:    36
> URL:      https://www.ietf.org/archive/id/draft-janfred-eap-fido-02.txt
> Status:   https://datatracker.ietf.org/doc/draft-janfred-eap-fido/
> HTML:     https://www.ietf.org/archive/id/draft-janfred-eap-fido-02.html
> HTMLized: https://datatracker.ietf.org/doc/html/draft-janfred-eap-fido
> Diff:     https://author-tools.ietf.org/iddiff?url2=draft-janfred-eap-fido-02
> 
> Abstract:
> 
>     This document specifies an EAP method leveraging FIDO2 keys for
>     authentication in EAP.
> 
> About This Document
> 
>     This note is to be removed before publishing as an RFC.
> 
>     Status information for this document may be found at
>     https://datatracker.ietf.org/doc/draft-janfred-eap-fido/.
> 
>     Discussion of this document takes place on the EAP Method Update
>     Working Group mailing list (mailto:emu@ietf.org), which is archived
>     at https://mailarchive.ietf.org/arch/browse/emu/.  Subscribe at
>     https://www.ietf.org/mailman/listinfo/emu/.
> 
> 
> 
> The IETF Secretariat
> 
> 

-- 
Herr Jan-Frederik Rieckers
Security, Trust & Identity Services

E-Mail: rieckers@dfn.de | Fon: +49 30884299-339 | Fax: +49 30884299-370
Pronomen: er/sein | Pronouns: he/him
__________________________________________________________________________________

DFN - Deutsches Forschungsnetz | German National Research and Education 
Network
Verein zur Förderung eines Deutschen Forschungsnetzes e.V.
Alexanderplatz 1 | 10178 Berlin
https://www.dfn.de

Vorstand: Prof. Dr.-Ing. Stefan Wesner | Prof. Dr. Helmut Reiser | 
Christian Zens
Geschäftsführung: Dr. Christian Grimm | Jochem Pattloch
VR AG Charlottenburg 7729B | USt.-ID. DE 136623822
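
The naming change described in the message above (the user configures only the Relying Party ID, and the server certificate is valid for "eap-fido-authentication.<RPID>") can be sketched as a client-side check. This is an added example, not code from the draft or its author. The exact-match policy, the rejection of wildcard entries, the label validation and the function names are assumptions, and the sample SAN lists are constructed.

```python
import re

# Prefix as quoted in the mail; the author notes the final name may change.
PREFIX = "eap-fido-authentication"
# One DNS label: letters, digits, inner hyphens, at most 63 characters.
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def normalize(name: str) -> str:
    """Lower-case and strip one trailing dot so DNS names compare equal."""
    name = name.strip().lower()
    return name[:-1] if name.endswith(".") else name


def expected_server_name(rpid: str) -> str:
    """Derive the server name a client would expect for a configured RPID."""
    rpid = normalize(rpid)
    if not rpid or not all(LABEL.fullmatch(lbl) for lbl in rpid.split(".")):
        raise ValueError(f"not a usable domain name: {rpid!r}")
    name = f"{PREFIX}.{rpid}"
    if len(name) > 253:
        raise ValueError("derived name exceeds the DNS length limit")
    return name


def cert_matches_rpid(rpid: str, san_dns_names: list[str]) -> bool:
    """Assumed policy: exact dNSName match only, wildcards never accepted."""
    expected = expected_server_name(rpid)
    return any(normalize(san) == expected for san in san_dns_names)


# Constructed SAN lists for a hypothetical RPID "example.org".
SAMPLES = {
    "derived name present": ["radius.example.org",
                             "EAP-FIDO-Authentication.example.org"],
    "RPID itself only": ["example.org"],
    "wildcard only": ["*.example.org"],
    "name under another domain": [
        "eap-fido-authentication.example.org.other.test"],
}

if __name__ == "__main__":
    for case, sans in SAMPLES.items():
        print(f"{case}: {cert_matches_rpid('example.org', sans)}")
```
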