[Emu] [Technical Errata Reported] RFC7170 (7145)
RFC Errata System <rfc-editor@rfc-editor.org> Wed, 05 October 2022 14:42 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71040C14F72B for <emu@ietfa.amsl.com>; Wed, 5 Oct 2022 07:42:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.657
X-Spam-Level:
X-Spam-Status: No, score=-1.657 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yn4pxl-hPb9n for <emu@ietfa.amsl.com>; Wed, 5 Oct 2022 07:42:42 -0700 (PDT)
Received: from rfcpa.amsl.com (rfc-editor.org [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A34EDC14CF1E for <emu@ietf.org>; Wed, 5 Oct 2022 07:42:42 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 3C03455D3C; Wed, 5 Oct 2022 07:42:42 -0700 (PDT)
To: hzhou@cisco.com, ncamwing@cisco.com, jsalowey@cisco.com, steve.hanna@infineon.com, rdd@cert.org, paul.wouters@aiven.io, joe@salowey.net, peter@akayla.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: lear@lear.ch, emu@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20221005144242.3C03455D3C@rfcpa.amsl.com>
Date: Wed, 05 Oct 2022 07:42:42 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/aKWpxtg4jDdMUOCcM7qDC3VboGo>
X-Mailman-Approved-At: Sun, 09 Oct 2022 09:08:06 -0700
Subject: [Emu] [Technical Errata Reported] RFC7170 (7145)
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2022 14:42:46 -0000
The following errata report has been submitted for RFC7170, "Tunnel Extensible Authentication Protocol (TEAP) Version 1". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7145 -------------------------------------- Type: Technical Reported by: Eliot Lear <lear@lear.ch> Section: 3.3.3 Original Text ------------- The Crypto-Binding TLV MUST be exchanged and verified before the final Result TLV exchange, regardless of whether or not there is an inner EAP method authentication. Corrected Text -------------- Except as noted below, the Crypto-Binding TLV MUST be exchanged and verified before the final Result TLV exchange, regardless of whether or not there is an inner EAP method authentication Notes ----- The text contradicts itself in the same paragraph, because it goes on to say: The server may send the final Result TLV along with an Intermediate-Result TLV and a Crypto-Binding TLV to indicate its intention to end the conversation. If the peer requires nothing more from the server, it will respond with a Result TLV indicating success accompanied by a Crypto-Binding TLV and Intermediate-Result TLV if necessary. So there are actually several legal combinations here: 1. Server and peer perform a crypto-binding exchange in anticipation of later sending Result TLVs 2. The server and peer combine their crypto-binding and Result TLV in the same message. 3. One side initiates a crypto-binding TLV and the OTHER responds with both crypto-binding and Result TLV. The practice seems to be to include the crypto-binding TLVs alongside Result TLVs. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7170 (draft-ietf-emu-eap-tunnel-method-10) -------------------------------------- Title : Tunnel Extensible Authentication Protocol (TEAP) Version 1 Publication Date : May 2014 Author(s) : H. Zhou, N. Cam-Winget, J. Salowey, S. Hanna Category : PROPOSED STANDARD Source : EAP Method Update Area : Security Stream : IETF Verifying Party : IESG
- [Emu] [Technical Errata Reported] RFC7170 (7145) RFC Errata System