Re: [Emu] Question for draft-ietf-emu-tls-eap-types-03

Tim Cappalli <Tim.Cappalli@microsoft.com> Thu, 01 July 2021 14:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/XHUBexusqcNO9RoF5Da1mCaheWI>

Device identifiers, how certificates get provisioned, their contents, and where the keys are stored don’t seem in scope for this TLS-based EAP types spec. This seems like more of a BCP thing or a topic for MADINAS IMO.


From: Eliot Lear <lear@lear.ch>
Sent: Thursday, July 1, 2021 10:09 AM
To: Alan DeKok <aland@deployingradius.com>; EMU WG <emu@ietf.org>
Subject: Re: [Emu] Question for draft-ietf-emu-tls-eap-types-03

Hi Alan,

On 01.07.21 15:23, Alan DeKok wrote:
>    TEAP is one solution, but I don't think everyone is going to move to TEAP overnight.  It would be nice to have solutions for existing (and deployed) EAP methods.

Perhaps I lost the plot, but what do you propose?

Eliot