Re: [Emu] Agenda items for EMU @ IETF 111

Meiling Chen <chenmeiling@chinamobile.com> Fri, 11 June 2021 07:14 UTC

Return-Path: <chenmeiling@chinamobile.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB5153A2C96 for <emu@ietfa.amsl.com>; Fri, 11 Jun 2021 00:14:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bKsf7DMAEQmF for <emu@ietfa.amsl.com>; Fri, 11 Jun 2021 00:14:03 -0700 (PDT)
Received: from cmccmta3.chinamobile.com (cmccmta3.chinamobile.com [221.176.66.81]) by ietfa.amsl.com (Postfix) with ESMTP id 1F6093A2C94 for <emu@ietf.org>; Fri, 11 Jun 2021 00:14:02 -0700 (PDT)
Received: from spf.mail.chinamobile.com (unknown[172.16.121.17]) by rmmx-syy-dmz-app12-12012 (RichMail) with SMTP id 2eec60c30d24ff7-381c1; Fri, 11 Jun 2021 15:13:40 +0800 (CST)
X-RM-TRANSID: 2eec60c30d24ff7-381c1
X-RM-TagInfo: emlType=0
X-RM-SPAM-FLAG: 00000000
Received: from cmcc-PC (unknown[10.2.50.233]) by rmsmtp-syy-appsvr09-12009 (RichMail) with SMTP id 2ee960c30d22fe4-b6d6d; Fri, 11 Jun 2021 15:13:40 +0800 (CST)
X-RM-TRANSID: 2ee960c30d22fe4-b6d6d
Date: Fri, 11 Jun 2021 15:13:41 +0800
From: "Meiling Chen" <chenmeiling@chinamobile.com>
To: "John Mattsson" <john.mattsson@ericsson.com>, "Mohit Sethi M" <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>, emu <emu@ietf.org>
References: <3fd30bb4-e7ce-782d-e2cd-d539a969a0fd@ericsson.com>, <202106041649527349013@chinamobile.com>, <HE1PR0701MB3050AEF08EDB52B095747A0489379@HE1PR0701MB3050.eurprd07.prod.outlook.com>
X-Priority: 3
X-Has-Attach: no
X-Mailer: Foxmail 7.2.9.115[cn]
Mime-Version: 1.0
Message-ID: <2021061115134045495022@chinamobile.com>
Content-Type: multipart/alternative; boundary="----=_001_NextPart703774823481_=----"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/_OcAZ1UwYCib4hO09DmpvyjtmZQ>
Subject: Re: [Emu] Agenda items for EMU @ IETF 111
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2021 07:14:08 -0000

Hi John,
Thanks for sharing your opinion. 
The reference to draft-ietf-tls-dtls13 was wrote by mistake since version 01, I will correct it next version.
I'm not against your point of view, EAP-TLS-IBS is based on the procedure of EAP-TLS, but the certificate has been extended with IBS, so we consider it as a new EAP method.
TLS1.2 was originally considered for compatibility, if it is all based on tls1.3 in the future, then this part will be deleted according to practicability.


Best,
Meiling

From: John Mattsson
Date: 2021-06-08 16:53
To: Meiling Chen; Mohit Sethi M; emu
Subject: Re: [Emu] Agenda items for EMU @ IETF 111
Hi Meiling,
 
I just looked through this draft quickly. 
 
- draft-ietf-tls-dtls13 specifies DTLS 1.3 which is not used in EAP-TLS. You likely want to reference RFC8446 or RFC8446bis.
 
- I don't really understand why a new EAP method is needed here, this just seems like ordinary EAP-TLS to me... 
 
 
- TLS 1.2 was made obsolete in 2018. It should be phased out, not expanded with new fuctionality. This a -00 draft and would not be published as an RFC for a while, when TLS 1.2 would be even more obsolete.
 
- As TLS 1.3 mandates ephemeral diffie-hellman, the privacy is good. If new TLS 1.2 is really needed, ephemeral diffie-hellman should be mandated as is done in RFC 7540. Otherwise the Private Key Generator (PKG) https://en.wikipedia.org/wiki/Identity-based_encryption can passivle eavesdrop on all encrypted application data (This matters for TLS and most TLS based EAP types, but not EAP-TLS).
 
Cheers,
John
 
From: Emu <emu-bounces@ietf.org> on behalf of Meiling Chen <chenmeiling@chinamobile.com>
Date: Friday, 4 June 2021 at 10:49
To: Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>rg>, emu <emu@ietf.org>
Subject: Re: [Emu] Agenda items for EMU @ IETF 111
Hi Mohit,
I need 5-10minites to introduce our changes for the new version draft-chen-emu-eap-tls-ibs-02,
https://datatracker.ietf.org/doc/draft-chen-emu-eap-tls-ibs/ 


Best,
Meiling
 
From: Mohit Sethi M
Date: 2021-06-04 15:44
To: emu@ietf.org
Subject: [Emu] Agenda items for EMU @ IETF 111
Dear all,
 
We have a requested a 1 hour session for EMU @ IETF 111. Please send the 
chairs (emu-chairs@ietf.org) requests for presentation slots.
 
Don't forget to include the title of your presentation, related drafts, 
and the approximate amount of time needed. Even if you don't have all 
the information ready, at least let us know about your intention to 
present. It would let us gauge if a 1 hour session is sufficient.
 
Joe and Mohit
 
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu