RE: [Emu] Crypto-binding in TTLS-v0
Ryan Hurst <Ryan.Hurst@microsoft.com> Tue, 14 August 2007 23:45 UTC
Return-path: <emu-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IL64M-0003pE-Lv; Tue, 14 Aug 2007 19:45:02 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IL64L-0003p4-43 for emu@ietf.org; Tue, 14 Aug 2007 19:45:01 -0400
Received: from mailb.microsoft.com ([131.107.115.215] helo=smtp.microsoft.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IL64J-0001pS-CC for emu@ietf.org; Tue, 14 Aug 2007 19:45:01 -0400
Received: from tk1-exhub-c103.redmond.corp.microsoft.com (157.56.116.114) by TK5-EXGWY-E802.partners.extranet.microsoft.com (10.251.56.168) with Microsoft SMTP Server (TLS) id 8.0.700.0; Tue, 14 Aug 2007 16:44:58 -0700
Received: from tk5-exmlt-w601.wingroup.windeploy.ntdev.microsoft.com (157.54.70.16) by tk1-exhub-c103.redmond.corp.microsoft.com (157.56.116.114) with Microsoft SMTP Server id 8.1.177.1; Tue, 14 Aug 2007 16:44:58 -0700
Received: from WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com (157.54.62.26) by TK5-EXMLT-W601.wingroup.windeploy.ntdev.microsoft.com (157.54.70.16) with Microsoft SMTP Server id 8.1.122.1; Tue, 14 Aug 2007 16:44:57 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [Emu] Crypto-binding in TTLS-v0
Date: Tue, 14 Aug 2007 16:44:38 -0700
Message-ID: <5F3AAFB2FEC5ED4AA6DE79A3E0B47D80061C13F5@WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <08A9A3213527A6428774900A80DBD8D804AC341E@xmb-sjc-222.amer.cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Emu] Crypto-binding in TTLS-v0
Thread-Index: AcfektFpOqH8oMANSTSC+dU82hk0MwAAT7aAAA08NNAAAOKgMA==
References: <5F3AAFB2FEC5ED4AA6DE79A3E0B47D80061C0F2B@WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com> <08A9A3213527A6428774900A80DBD8D804AC341E@xmb-sjc-222.amer.cisco.com>
From: Ryan Hurst <Ryan.Hurst@microsoft.com>
To: "Nancy Winget (ncamwing)" <ncamwing@cisco.com>, Alan DeKok <aland@deployingradius.com>, Stephen Hanna <shanna@juniper.net>
X-Spam-Score: -8.0 (--------)
X-Scan-Signature: 73734d43604d52d23b3eba644a169745
Cc: emu@ietf.org
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Errors-To: emu-bounces@ietf.org
I agree that PEAPv0 is a orthogonal issue Nancy, did not mean to suggest it was although in hindsight I can see how it might have read that way. On the topic of TTLS as a EMU working group item, I am not opposed to this as from the customer engagements I have had it appears to have a very strong existing deployment across a number of customer segments and from a protocol standpoint is pretty clean (It just needs a couple of additions like CryptoBindings). Ryan -----Original Message----- From: Nancy Winget (ncamwing) [mailto:ncamwing@cisco.com] Sent: Tuesday, August 14, 2007 4:29 PM To: Ryan Hurst; Alan DeKok; Stephen Hanna Cc: emu@ietf.org Subject: RE: [Emu] Crypto-binding in TTLS-v0 Publishing TTLS and PEAPv0 (and PEAPv1) is a worthy cause given that there are deployments out there. However, I think that is a different item/issue than having it be taken as an EMU work item. For instance, it can be published as an informational RFC much the same way EAP-FAST is now RFC 4851. It is not clear why TTLS should become an EMU work item or standardized as the means to deliver a strong password based method. There are other tunnel methods such as PEAP and EAP-FAST that can also meet the requirements. If we are discussing what would need to be changed/updated to TTLS to meet the requirements, perhaps we should also be evaluating PEAP and EAP-FAST as alternatives as they also meet the requirements and perhaps more so than TTLS. Nancy. -----Original Message----- From: Ryan Hurst [mailto:Ryan.Hurst@microsoft.com] Sent: Tuesday, August 14, 2007 9:57 AM To: Alan DeKok; Stephen Hanna Cc: emu@ietf.org Subject: RE: [Emu] Crypto-binding in TTLS-v0 I agree, I also want to see PEAPv0 published for the same reasons (I am working on a draft of this, no ETA I can share at this time). -----Original Message----- From: Alan DeKok [mailto:aland@deployingradius.com] Sent: Tuesday, August 14, 2007 9:47 AM To: Stephen Hanna Cc: emu@ietf.org Subject: Re: [Emu] Crypto-binding in TTLS-v0 Stephen Hanna wrote: > draft-funk-eap-ttls-v0-01.txt describes EAP-TTLSv0 as it has been > implemented by vendors and adopted by other SDOs. We plan to submit > this for RFC status as part of the ongoing effort to document popular > EAP methods as RFCs. I think this document should be published. It's widely used, and deserves documentation in the IETF process. > As to your question about whether EAP-TTLSv0 is a chartered work item > for the EMU WG, that may depend in part on how the WG decides to > address the work item to deliver a strong password-based method. At > the EMU WG in Chicago, there were two proposals: my proposal to use > EAP-TTLSv0 with these new AVPs and another proposal to define a new > EAP method especially for this purpose. The results of a hum were > inconclusive and it was agreed to take this discussion to the email > list. I am in favor of EAP-TTLSv0 + new AVP's. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu
- [Emu] Crypto-binding in TTLS-v0 Lakshminath Dondeti
- AW: [Emu] Crypto-binding in TTLS-v0 Tschofenig, Hannes
- RE: [Emu] Crypto-binding in TTLS-v0 Stephen Hanna
- RE: AW: [Emu] Crypto-binding in TTLS-v0 Bernard Aboba
- Re: AW: [Emu] Crypto-binding in TTLS-v0 Hannes Tschofenig
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 Ryan Hurst
- Re: [Emu] Crypto-binding in TTLS-v0 Lakshminath Dondeti
- RE: [Emu] Crypto-binding in TTLS-v0 Glen Zorn (gwz)
- Re: AW: [Emu] Crypto-binding in TTLS-v0 Bernard Aboba
- RE: [Emu] Crypto-binding in TTLS-v0 Bernard Aboba
- RE: [Emu] Crypto-binding in TTLS-v0 David B. Nelson
- RE: [Emu] Crypto-binding in TTLS-v0 Joseph Salowey (jsalowey)
- RE: [Emu] Crypto-binding in TTLS-v0 Joseph Salowey (jsalowey)
- RE: [Emu] Crypto-binding in TTLS-v0 Stephen Hanna
- RE: [Emu] Crypto-binding in TTLS-v0 Stephen Hanna
- RE: [Emu] Crypto-binding in TTLS-v0 Matthew Gast
- RE: [Emu] Crypto-binding in TTLS-v0 Nancy Winget (ncamwing)
- [Emu] Channel binding (Re: Chennal binding) Lakshminath Dondeti
- RE: [Emu] Crypto-binding in TTLS-v0 Ryan Hurst
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 Nancy Winget (ncamwing)
- RE: [Emu] Crypto-binding in TTLS-v0 Nancy Winget (ncamwing)
- RE: [Emu] Crypto-binding in TTLS-v0 Nancy Winget (ncamwing)
- RE: [Emu] Crypto-binding in TTLS-v0 Nancy Winget (ncamwing)
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 Gene Chang (genchang)
- Re: [Emu] Crypto-binding in TTLS-v0 Hannes Tschofenig
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 david@mitton.com
- RE: [Emu] Crypto-binding in TTLS-v0 Gene Chang (genchang)
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] focus on deployed protocols Bernard Aboba
- RE: [Emu] Crypto-binding in TTLS-v0 Gene Chang (genchang)
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 Hao Zhou (hzhou)
- Re: [Emu] Crypto-binding in TTLS-v0 Jouni Malinen
- Re: [Emu] Crypto-binding in TTLS-v0 Sam Hartman
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Lakshminath Dondeti
- RE: [Emu] Crypto-binding in TTLS-v0 Hao Zhou (hzhou)
- Re: [Emu] Crypto-binding in TTLS-v0 Lakshminath Dondeti
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Sam Hartman
- [Emu] Chennal binding Sam Hartman
- RE: [Emu] Crypto-binding in TTLS-v0 Gene Chang (genchang)
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- RE: [Emu] Crypto-binding in TTLS-v0 Gene Chang (genchang)
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Sam Hartman
- Re: [Emu] Crypto-binding in TTLS-v0 Sam Hartman
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Alan DeKok
- Re: [Emu] Crypto-binding in TTLS-v0 Sam Hartman