Re: [Emu] I-D Action: draft-ietf-emu-tls-eap-types-09.txt

John Mattsson <john.mattsson@ericsson.com> Fri, 28 October 2022 14:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/pB-oOJctqUKw1VQl7VQiJckhcgE>

Hi,

Good that publication is requested.

A small nit:
OLD and tje
NEW and the

PEAP and SHA-1:
Looks like Microsoft is planning to stick with SHA-1 for PEAP 1.3 [PEAP-PRF]. I think that is the wrong choice. NIST recently stated that they plan to deprecate and eventually disallow _all_ uses of SHA-1. In the end, this is Microsoft’s choice, but I think the fact that PEAP 1.3 still uses SHA-1 should be mentioned in draft-ietf-emu-tls-eap-types. This is important information for people and industries following requirements to disallow all uses of SHA-1.

https://csrc.nist.gov/News/2022/public-comments-requested-on-fips-180-4-shs

Cheers,
John

From: Emu <emu-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Tuesday, 27 September 2022 at 14:26
To: i-d-announce@ietf.org <i-d-announce@ietf.org>
Cc: emu@ietf.org <emu@ietf.org>
Subject: [Emu] I-D Action: draft-ietf-emu-tls-eap-types-09.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.

        Title           : TLS-based EAP types and TLS 1.3
        Author          : Alan DeKok
        Filename        : draft-ietf-emu-tls-eap-types-09.txt
        Pages           : 21
        Date            : 2022-09-27

Abstract:
   EAP-TLS (RFC 5216) has been updated for TLS 1.3 in RFC 9190.  Many
   other EAP types also depend on TLS, such as EAP-FAST (RFC 4851), EAP-
   TTLS (RFC 5281), TEAP (RFC 7170), and possibly many vendor specific
   EAP methods.  This document updates those methods in order to use the
   new key derivation methods available in TLS 1.3.  Additional changes
   necessitated by TLS 1.3 are also discussed.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-emu-tls-eap-types/

There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-emu-tls-eap-types-09

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-tls-eap-types-09


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts

