Re: [Gen-art] IETF LC review: draft-funk-eap-ttls-v0-04.txt
"Joel M. Halpern" <jmh@joelhalpern.com> Fri, 21 March 2008 23:29 UTC
To: Mary Barnes <mary.barnes@nortel.com>
Cc: Jari Arkko <jari.arkko@piuha.net>, gen-art@ietf.org

I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).

Please resolve these comments along with any other Last Call comments you may receive.

Document: EAP Tunneled TLS Authentication Protocol Version 0
Reviewer: Joel M. Halpern
Review Date: 21-March-2008
IETF LC End Date: 2-April-2008
IESG Telechat date: N/A

Summary: This document is ready for publication as an Informational RFC. If a revision is to be done, it would make sense to consider the first two comments below, and see if the minor comments can be usefully addressed.

Comments:

There are two sets of AVPs defined by this document. One set goes in the EAP-TTLS Start packet from the server to the client. The other set are used in the inner TLS protected exchange. The first set are referenced in section 9.2. But as far as I can tell, there is no description of what valid AVPs may appear here. Even if they are the same AVPs as go inside, some text explaining this in section 9.2 would be helpful.

Section 7.2 talks about the application utilizing EAP-TTLS specifying the information to be exchanged. It is not clear to me what is meant by "application" here. Does this mean the different authentication mechanisms that the client can select? Or something else? (If something else, how is it known?) A bit of explanatory text would probably help.

Minor:

The text in section 7.8 talks about the different versions of TLS that can be used. It would be useful (assuming I have correctly understood the protocol) if the text noted that these versions are negotiated by TLS, as part of carrying TLS over TTLS.

Section 11.3 on multiple authentication methods could use a couple of extra words at the front. Something like "When the client has selected EAP for authentication, the AAA/H server may request multiple forms of Authentication." Otherwise, the reader tries to tie this to the entirety of 11.2 (client specified authentication) and may get very confused before finding at the end of the section the note that this only applies to EAP. (Leave the note. Just add text at the beginning.)

I presume I will find out how the communicating parties agree on what "application" is utilizing EAP-TTLS some time after section 7.2?