[Emu] Resolving EAP-TLS issues
Joseph Salowey <joe@salowey.net> Sun, 28 March 2021 21:20 UTC
Return-Path: <joe@salowey.net>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 912E33A26CE for <emu@ietfa.amsl.com>; Sun, 28 Mar 2021 14:20:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.638
X-Spam-Level:
X-Spam-Status: No, score=-1.638 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8kEcBCtAs6PF for <emu@ietfa.amsl.com>; Sun, 28 Mar 2021 14:20:32 -0700 (PDT)
Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE8C43A26D0 for <emu@ietf.org>; Sun, 28 Mar 2021 14:20:31 -0700 (PDT)
Received: by mail-lf1-x130.google.com with SMTP id o126so15496417lfa.0 for <emu@ietf.org>; Sun, 28 Mar 2021 14:20:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=qcpHxRp4PxcwsulRpPXZtgJodd6XP0owwGRV/sJoaUE=; b=b/KMS9GaHIKQPYnwGAIPUyxjPeNjw7dfH87fTzR7x7XRD5h3WVfN5UUqD1F1ns/PdZ 6ngL6RmcIfp8oyc/dp2hC3F85bxxUmXZULOlNWD6HCwCZVKTNmYjSsZVcrWUv74cxecB xQwKgAa4Wd/roH1LffwD7/J/yC+IGfgmd6WbPuRXgW4HWZ2KLb4ywl1aovuap/QF49kS D3Ja5mfC3j5ZmSLqcUqLRsxuiN2U9Gkn4g5e8I314HghFlJ6MzAGTb2VSVjnKNV/zgXA L7BHQFRJEKRe0HI4iE9h2ts1ffqPJAGtwj0S/2QTTT3wL6SHohjcOU5biJbpRjbHV3Pi DkNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=qcpHxRp4PxcwsulRpPXZtgJodd6XP0owwGRV/sJoaUE=; b=VtYrRR9Qi4wMmytFG8F4eKMQ2fmCgapQjiM8Mwe/vkSBLIWg2FHnZ208JnouToxXdo D1EWmHEqMr0OG2TVoh928Zi1zdz4Ziq5E8a7Z06tc3vqWAAOv1F3QcuuA1XV0C4iXdpB sXm71MUoWC3Jc+sncA+JVZLRAl0XBjA+2w8ga2tBIPZOx8vag6V9GlUjiIvJC1ZAtJVj ICYBkdhvjjqHLRPNYTHzaXvV1jf0erxlasEvvDTYbB02O3d3Ch0lOpRMfSFi9hRWn6R+ IEkT3f2F0Ve0wDPjY3DCRfnIPOVfnvJ518QvT8vzGVuvwTKoaIotLbKjKNUBl6VZBD41 Ph+w==
X-Gm-Message-State: AOAM532Idk7KAJdVVrn+AnieuRxOwoU4A9hSJ7MDtHaScx7WmktDlVFc 6jNz3zmS9tv+2YW0aVYS0bzLNPxeqN8u/sL8Bh7BC4E9zKoWkA==
X-Google-Smtp-Source: ABdhPJyVVyuwjuDDygMXSnDumXVTIk9yFypWDeyKyWpwW0CUwmsnBPNhcITUW2uxlEjx7tugRtoKFEFKHondY1fN3SE=
X-Received: by 2002:ac2:5dcf:: with SMTP id x15mr14003212lfq.176.1616966428108; Sun, 28 Mar 2021 14:20:28 -0700 (PDT)
MIME-Version: 1.0
From: Joseph Salowey <joe@salowey.net>
Date: Sun, 28 Mar 2021 14:20:17 -0700
Message-ID: <CAOgPGoDH=6ZZemGgSg4m4k=F=b7Wk4J6Q78ur_pmNSpOvyN2Kw@mail.gmail.com>
To: EMU WG <emu@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008fb87605be9f55fa"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/qkx80v8IZWS5alf2MwXLY5FyXmE>
Subject: [Emu] Resolving EAP-TLS issues
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2021 21:20:35 -0000
The authors have been working on the draft-ietf-emu-eap-tls13 in the GitHub Repo (https://github.com/emu-wg/draft-ietf-emu-eap-tls13). Below is a brief summary of the Issues and PRs that have recently been merged or ready to be merged. If you are aware of issues that are not currently tracked in the repo please add them or let the chairs know. We are looking to publish a new draft in the next few weeks so indicate on the list if there are problems with these resolutions. Thanks, Joe PR #44 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/44> - Merged - Editorial - Clarifies that Message Flows are Examples PR #50 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/50> - Merged - Editorial - Moving from Master to Main terminology as in RFC8446bis PR #51 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/51> - Merged - Editorial - added text to suggest that one session ticket be sent - Issue 48 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/48> PR #53 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/53> - Merged - Normative - Uses type code in the context of the key derivation - Issue 32 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/32> - Issue 56 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/56> PR #40 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/40> - Ready to Merge - Editorial - alignment with EAP State Machine Terminology - Issue 33 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/33> Issue 36 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/36> PR #41 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/41> - Ready to Merge - Editorial - Discussion of packet modification attacks - Issue 36 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/36> PR #42 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/42> - Ready to Merge - Editorial - Reference EAP-Types draft PR #45 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/45/files> - Ready to Merge - Editorial - Describes why session resumption is needed - Issue 34 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/34> PR #46 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/46> - Ready to Merge - Normative - Makes it mandatory to send Error Alerts to single EAP Failure - Issue 37 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/37> - Issue 38 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/38> PR #54 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/pull/54> - Ready to Merge - Normative - uses protected success indicators as single 0x00 byte of application data - Issue 55 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/55> Open Issues without proposed Resolution Issue #52 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/52> - Needs Discussion and Proposal - Update security considerations with discussion of implications no peer authentication Issue #47 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/47> - Needs DIscussion and proposal - how does the peer validate the identity of the server? Issue #29 <https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/29> - Needs DIscussion and proposal - mutual authentication section is broader than mutual authentication
- [Emu] Resolving EAP-TLS issues Joseph Salowey
- Re: [Emu] Resolving EAP-TLS issues Alan DeKok
- Re: [Emu] Resolving EAP-TLS issues Mohit Sethi M