Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
"Owen Friel (ofriel)" <ofriel@cisco.com> Wed, 18 September 2019 21:43 UTC
Return-Path: <ofriel@cisco.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7A8B120052; Wed, 18 Sep 2019 14:43:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=jXkCX2h1; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=F1u3FTNj
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gyq_2E55WaOE; Wed, 18 Sep 2019 14:43:36 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADC5A120043; Wed, 18 Sep 2019 14:43:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6228; q=dns/txt; s=iport; t=1568843016; x=1570052616; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=K8GxrVwijr0fcC3kXY+HlVVV5C/DOHRh4CGzFqvB4HI=; b=jXkCX2h11+KU/R9nVqo/JvaOweI+PiipVOV5wGHr452Y8BAIXJ5uM1cu 4tOpqJilr3E2d0nMwxszY8gx6LIpQVOXGnEc5c17fSWZ5XhU+n5/oi0np Nnck37Q0Noh+6Z1bugS4Yfwb0Sa8vUdbe7IRsCS2yvoqjzBTIuSre5ob8 0=;
IronPort-PHdr: 9a23:7JcPrRObiGSbaYPZ06El6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEuKQ/l0fHCIPc7f8My/HbtaztQyQh2d6AqzhDFf4ETBoZkYMTlg0kDtSCDBj8IuTrYigSF8VZX1gj9Ha+YgBY
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ApAAA7pIJd/4wNJK1cCRoBAQEBAQIBAQEBBwIBAQEBgVYCAQEBAQsBgURQA21WIAQLFxMKh18DinuCXJdzglIDVAkBAQEMAQEYCwoCAQGEPwKDAyM3Bg4CAwkBAQQBAQECAQUEbYUtDIVKAQEBAQMBARAoBgEBLAsBCwQCAQgRBAEBARgGECcLHQgCBAENBQgagwGBagMdAQ6lOAKBOIhhgiWCfQEBBYEzAQMCg0wYghcDBoE0AYk/giwdGIFAP4ERRoJMPoJhAQECAYE0FAYSTYJugiasE24KgiKHBY4amSGOEIgPkHsCBAIEBQIOAQEFgWgiRIEUcBU7gmxQEBSBTgkag0+FFIU/cwGBKI0dgQ0BgSIBAQ
X-IronPort-AV: E=Sophos;i="5.64,522,1559520000"; d="scan'208";a="633257979"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 18 Sep 2019 21:43:34 +0000
Received: from XCH-ALN-018.cisco.com (xch-aln-018.cisco.com [173.36.7.28]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id x8ILhY0V006556 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 18 Sep 2019 21:43:34 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-018.cisco.com (173.36.7.28) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 18 Sep 2019 16:43:34 -0500
Received: from xhs-aln-003.cisco.com (173.37.135.120) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 18 Sep 2019 16:43:32 -0500
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 18 Sep 2019 16:43:32 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Lc2oxq84Og+EQ1FR8g/DWvLk4FDSuLrCGLxjSbQNKE5RDBiOoOZSjeZTwU/vPL+o+woT7VFZAaKsseZNOKHNvlc+DlTfW42ppy6V1On+axh7Wra2YWje4vX5W5eW4lwqtmgefK2uP5KxObqrQWN5KmRSAdLDY9kHjYN44pksrsthj+dJzR7+6JVYUtDhOWZS33J8lo7xQzFalWobm2hqH2nFARSFgYbayRA+bHJ0Md6fwBMR5PhvBSZO09qWNGFhjGy3110/meeZJH7xeXFkFDaL4tWpAH13FGM7RI/rplcKEkyMJGWv2pGQ9L+NG6uagMxy1OBnmweiT5JQIdlw0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sPVe0SaQE4goCR3EtaPIlVCVK+WGtnqSrPZu5Iz3nXc=; b=EpN2D+kTZzXJUMUXViU3pc4tZRg/XUlM5YDlqtMKzxMFOSjsg/kI5YbCutNsn6nodHL+lWDFBm0kEWC62g/NAlwRkwIEQCnZFqgal7zXaBXjfTMjQCEWOqbyBM02aT9g2Nbxco67JPUb+dQsZe6E8DxYMaEkzPT8bxb7IQ2+RkR3pJn3d3S6ckDPAuVRaW66HAmjWkQSIxl2wvHwXhRvIygL4/bVgULaG4eLTwxSrH6bBc8hKPQMtvTDV/NKqZC/df71diStr9Y6vdJU3379fcgLgfKwMvp4CBiiys8+4gAn/bnXxp+tdRkdAo1YgHgSHKRHk1jpN0qAt0tb0xhNTQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sPVe0SaQE4goCR3EtaPIlVCVK+WGtnqSrPZu5Iz3nXc=; b=F1u3FTNjdzC2SFVHnTmuNEpxiIv94AhyOc0Rh6yqyBsz2y4yrHVBdXjFcVpPXmsfHwMyj8wC/iO+x3ZGO3nJDOP3PZAX8YFF/A3d+j07R0TOTBFKFIUemoa7pYC4BOsuwJuxaX8/Ho0yNJk+ZMXPYwLid5b+q4f5Gpp305lgjFc=
Received: from CY4PR1101MB2278.namprd11.prod.outlook.com (10.172.76.13) by CY4PR1101MB2070.namprd11.prod.outlook.com (10.172.78.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.26; Wed, 18 Sep 2019 21:43:30 +0000
Received: from CY4PR1101MB2278.namprd11.prod.outlook.com ([fe80::686a:2f6e:32c2:5127]) by CY4PR1101MB2278.namprd11.prod.outlook.com ([fe80::686a:2f6e:32c2:5127%9]) with mapi id 15.20.2263.023; Wed, 18 Sep 2019 21:43:30 +0000
From: "Owen Friel (ofriel)" <ofriel@cisco.com>
To: "Owen Friel (ofriel)" <ofriel@cisco.com>, Alan DeKok <aland@deployingradius.com>, John Mattsson <john.mattsson@ericsson.com>
CC: "draft-ietf-emu-eap-tls13@ietf.org" <draft-ietf-emu-eap-tls13@ietf.org>, EMU WG <emu@ietf.org>
Thread-Topic: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
Thread-Index: AdVKJoKyKr1G5+9hQuKLAEK5rLYqPgfSdnOQAABeFAAABkCJgP//55mA//bAJjCAEoZ6AIAAJXeA///jpID//4j+YP//AePQ
Date: Wed, 18 Sep 2019 21:43:30 +0000
Message-ID: <CY4PR1101MB227851C983D878EA8CA4DEE1DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com>
References: <7828_1564869242_5D46027A_7828_348_1_02e001d54a45$e92ae900$bb80bb00$@augustcellars.com> <20b118932a4843b6b88e605799fafea8@aalto.fi> <211AD83C-D111-4EEB-AAF0-D9B5E521F4CF@deployingradius.com> <8F355C6F-DF1E-4E03-B75E-0F1D2508B9D4@ericsson.com> <246280B8-6E5C-484B-95BD-9C940C98C507@deployingradius.com> <CY4PR1101MB22781AB8C8982ACF99B61544DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com> <DAE24683-2B66-40F1-AFC6-77250113B204@deployingradius.com> <1FD26215-86AF-4C64-83ED-AB1D67D1937B@ericsson.com> <DB61AD67-77D5-4EF9-9207-4CD20C3B61C7@deployingradius.com> <CY4PR1101MB2278103D6B59896837905DC2DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com>
In-Reply-To: <CY4PR1101MB2278103D6B59896837905DC2DB8E0@CY4PR1101MB2278.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ofriel@cisco.com;
x-originating-ip: [173.38.220.48]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 89dfa9d3-4bc3-47ab-adc0-08d73c813f65
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:CY4PR1101MB2070;
x-ms-traffictypediagnostic: CY4PR1101MB2070:
x-ms-exchange-purlcount: 5
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <CY4PR1101MB2070EBE0F974B5BE98286A99DB8E0@CY4PR1101MB2070.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 01644DCF4A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(136003)(39860400002)(396003)(366004)(13464003)(51444003)(189003)(199004)(66476007)(6506007)(64756008)(5660300002)(2940100002)(76116006)(4326008)(11346002)(86362001)(66556008)(14454004)(3846002)(478600001)(2906002)(6436002)(66066001)(446003)(186003)(25786009)(966005)(256004)(14444005)(476003)(229853002)(6116002)(7736002)(6246003)(486006)(54906003)(9686003)(66946007)(81156014)(81166006)(102836004)(26005)(6306002)(33656002)(316002)(55016002)(52536014)(7696005)(71200400001)(53546011)(76176011)(71190400001)(110136005)(8676002)(8936002)(74316002)(99286004)(66446008)(305945005); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1101MB2070; H:CY4PR1101MB2278.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: zA1Tpm5GFm3TfJ1J5LqoR8ItarvuYKeoq0+8VZxBmxxqW2JMQdePjrW2/OPVCAspiVtFr7wt0bDwZHilsEb4Qor+xKuM4h9t6+KLZWDANGBRt8v9NUEVBbEnF23s8Y14H0XplU4vRysMFIpKRm74lq7js6f+/sCCeQnQRWs8Z4II9Z4e+oOvtDa8dD1On+BrP2sNXp13Pq41/mepgGhgP1b5qUqL+itLi5riIY7BiHumpDjmWTM2BtfwRRH4aELXnCKVdaULCDOP14tgVko8Beqyd77vbwpsxql9homODPaqJy16CVXNxQwNHYBE4spYh2HeCEiVdFA2ydIL1NTi9oVHVliPkTEae8TZfqhW6Z9f4XIrxo7EhSyhIJgPqVVokWESxFnYqWFLfULOSuYQz4DvBuuz3ykIg12MbvWidc8=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 89dfa9d3-4bc3-47ab-adc0-08d73c813f65
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2019 21:43:30.6061 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GtFoR5Wspzg8T6iUnYbB6+m2eNCrlF1PEncwToK8NVv+TmECp7OCKguFJKm6pUVcurIOMsdpZ8eZmjRQNSdPWg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1101MB2070
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.28, xch-aln-018.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/ki5i4ITZgcU1fsY0YTw6zX1Zc90>
Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2019 21:43:40 -0000
And one other draft of interest: https://tools.ietf.org/html/draft-ietf-tls-external-psk-importer-00 > -----Original Message----- > From: Emu <emu-bounces@ietf.org> On Behalf Of Owen Friel (ofriel) > Sent: 18 September 2019 22:42 > To: Alan DeKok <aland@deployingradius.com>; John Mattsson > <john.mattsson@ericsson.com> > Cc: draft-ietf-emu-eap-tls13@ietf.org; EMU WG <emu@ietf.org> > Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 > > > > > -----Original Message----- > > From: Alan DeKok <aland@deployingradius.com> > > Sent: 18 September 2019 14:40 > > To: John Mattsson <john.mattsson@ericsson.com> > > Cc: Owen Friel (ofriel) <ofriel@cisco.com>; draft-ietf-emu-eap- > > tls13@ietf.org; EMU WG <emu@ietf.org> > > Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 > > > > > > > > > On Sep 18, 2019, at 9:21 AM, John Mattsson > > <john.mattsson@ericsson.com> wrote: > > > > > > If I understand you correctly Alan, your implementation would have > > different databases (one resumption DB and one external PSK DB) and > > you do not want to do two database lookups. > > > > It's more about what *can* be done. RFC 8446 Section 8.1 and 8.2 > > talk about using multiple DBs, too. > > > > > The format of the PSKidentities is free for the deployment to decide > > > upon > > and the resumption PSKs can be completely be determined by the EAP-TLS > > implementation. Your implementation could for example put a message > > authentication code inside the PSK identity. The MAC would be > > calculated with a symmetric key the EAP server has randomly generated > > by itself. I think that would solve your problem. > > > > I suggest giving guidance to implementors. Otherwise the issue is > > open to implementation-defined behaviour, which is problematic. > > Giving some implementation guidance seems appropriate here. Naively, one > could envisage the implementation simply having a DB table for extern PSKs > and a table that holds NewSessionTickets. An implementation could simply > check the extern PSK table using the PskIdentity.identity, and if no match is > found then check the NewSessionTickets table. The default OpenSSL NSK > ticketId is 32 bytes long > https://github.com/openssl/openssl/blob/558ea84743918f7a93bfbfc259f86a > d1fa4c8de9/include/openssl/ssl3.h#L127 so something has gone seriously > wrong if there is a clash (poor randoms, etc.). An additional layer of > protection is provided by the PskBinderEntry as this is a HMAC derived using > the PSK as one input, so the server even if there happened to be an identity > clash, the binders will not match. > > Implementations should also note > https://tools.ietf.org/html/rfc8446#appendix-E.6. > > > > > If PSKs are used only for resumption, the the format doesn't matter. > > If PSKs are used for both authentication *and* resumption, then I > > strongly recommend giving guidance. > > > > For example, RFC 8446 Section 4.1.2 says: > > > > struct { > > opaque identity<1..2^16-1>; > > uint32 obfuscated_ticket_age; > > } PskIdentity; > > > > i.e. the PSK identity is an opaque binary string. How is the user > > supposed to enter a binary string into a "username" field in their > > GUI? What are the recommended formats? > > > > If the ClientHello isn't encrypted, then the PSK is visible to > > anyone (I believe). > > Well, more precisely, the PSK identity is visible in the ClientHello, not the > actual PSK of course. > > And the PSK *must not* be a user-manageable string such as the > > NAI. On the other hand, if the PSK is sent after encryption begins, > > then the PSK *should* be a user-manageable string such as an NAI. > > https://tools.ietf.org/html/rfc8446#section-2.2 also states: > > " Note: When using an out-of-band provisioned pre-shared secret, a > critical consideration is using sufficient entropy during the key > generation, as discussed in [RFC4086]. Deriving a shared secret > from a password or other low-entropy sources is not secure. A > low-entropy secret, or password, is subject to dictionary attacks > based on the PSK binder. The specified PSK authentication is not > a strong password-based authenticated key exchange even when used > with Diffie-Hellman key establishment. Specifically, it does not > prevent an attacker that can observe the handshake from performing > a brute-force attack on the password/pre-shared key. " > > so TLS-PSK is not suitable for a user entered low entropy password. We need > a PAKE for that (c.f. the ongoing CFRG PAKE assessment) > > > > > > I see it being useful for EAP-TLS to allow PSK authentication. I > > just want to be sure I know what that means, and what the impacts are. > > There are some use cases Eliot and I are looking at related to IoT onboarding > where a TLS-PSK authentication has definite value, and we really don't want > to see this avenue closed off in EAP. Happy to provide any suggestions on > Implementation Notes to your draft. > > > > > > I do not see how an attacker could do anything..... an attacker can > > definitely reuse any PSK identity, but would not have the > > corresponding PSK and the ClientHello would therefore not be accepted. > > The worst thing an attacker could do is to replay a ClientHello, then > > the handshake would fail then the EAP server verifies the Finished > message. > > And note https://tools.ietf.org/html/rfc8446#appendix-E.6 where there is > guidance on how to protect from an attacker determining a valid PSK > identity. > > > > I agree. My larger point was that in the absence of guidance, it's > > impossible to know what to do with a PSK identity. > > > > > I don't see why this would be more of a problem in EAP-TLS with TLS > > > 1.3 > > that in any other application of EAP-TLS. > > > > I agree. > > > > Alan DeKok. > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu
- [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13 Jim Schaad
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Aura Tuomas
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Jim Schaad
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… John Mattsson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Mohit Sethi M
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Michael Richardson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Michael Richardson
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Jorge Vergara
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Eliot Lear
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Owen Friel (ofriel)
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Alan DeKok
- Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-t… Joseph Salowey