Last Call: <draft-ietf-emu-crypto-bind-04.txt> (EAP Mutual Cryptographic Binding) to Informational RFC
The IESG <iesg-secretary@ietf.org> Thu, 11 July 2013 13:22 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-emu-crypto-bind-04.txt> (EAP Mutual Cryptographic Binding) to Informational RFC
Date: Thu, 11 Jul 2013 06:21:58 -0700
Cc: emu@ietf.org

The IESG has received a request from the EAP Method Update WG (emu) to consider the following document:

- 'EAP Mutual Cryptographic Binding' <draft-ietf-emu-crypto-bind-04.txt> as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-07-25. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting.

Abstract

As the Extensible Authentication Protocol (EAP) evolves, EAP peers rely increasingly on information received from the EAP server. EAP extensions such as channel binding or network posture information are often carried in tunnel methods; peers are likely to rely on this information. RFC 3748 is a facility that protects tunnel methods against man-in-the-middle attacks. However, cryptographic binding focuses on protecting the server rather than the peer. This memo explores attacks possible when the peer is not protected from man-in-the-middle attacks and recommends mutual cryptographic binding, a new form of cryptographic binding that protects both peer and server along with other mitigations.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-emu-crypto-bind/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-emu-crypto-bind/ballot/

No IPR declarations have been submitted directly on this I-D.