Re: [Emu] More TEAP issues

Alan DeKok <aland@deployingradius.com> Wed, 30 November 2022 12:30 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85E05C1522B1 for <emu@ietfa.amsl.com>; Wed, 30 Nov 2022 04:30:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4huE7FIfSj2r for <emu@ietfa.amsl.com>; Wed, 30 Nov 2022 04:30:04 -0800 (PST)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24366C1522A7 for <emu@ietf.org>; Wed, 30 Nov 2022 04:30:02 -0800 (PST)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id F3064305; Wed, 30 Nov 2022 12:29:59 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <2fe44c6e-6450-2ce3-e4bd-88b4d22e53a0@lear.ch>
Date: Wed, 30 Nov 2022 07:29:58 -0500
Cc: Joseph Salowey <joe@salowey.net>, EMU WG <emu@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <09C4A548-91FB-4068-A2AF-4DF96E35D637@deployingradius.com>
References: <449FBD6E-34F7-49A2-A9A1-72BD716E1DDA@deployingradius.com> <CAOgPGoCwk3UVq7Wv+1SNh8cQta70VegiNAz917aHVhvO2QtA7A@mail.gmail.com> <2fe44c6e-6450-2ce3-e4bd-88b4d22e53a0@lear.ch>
To: Eliot Lear <lear@lear.ch>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/pgxP5T7gLGuwnWRwoboJ0JT-qR0>
Subject: Re: [Emu] More TEAP issues
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Nov 2022 12:30:06 -0000

On Nov 30, 2022, at 1:24 AM, Eliot Lear <lear@lear.ch> wrote:
> I'd also like to take some time to consider what additional TLVs may be required.  Right now there is an incongruence between TEAP and other protocols that sign certs in that there is no CSR attributes TLV.  There may be several others to consider.

  While I'm wary of extending the scope of a "fix errata" -bis document, "making it work" is also a high priority.

  So, yes.  Adding more TLVs is fine.  Current implementations don't use them, but they could be updated without affecting interoperability.

  Alan DeKok.