Document Action: 'Handling Large Certificates and Long Certificate Chains in TLS-based EAP Methods' to Informational RFC (draft-ietf-emu-eaptlscert-08.txt)
The IESG <iesg-secretary@ietf.org> Tue, 12 January 2021 17:46 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 04D9F3A0E1D; Tue, 12 Jan 2021 09:46:01 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Document Action: 'Handling Large Certificates and Long Certificate Chains in TLS-based EAP Methods' to Informational RFC (draft-ietf-emu-eaptlscert-08.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 7.24.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: Joseph Salowey <joe@salowey.net>, The IESG <iesg@ietf.org>, draft-ietf-emu-eaptlscert@ietf.org, emu-chairs@ietf.org, emu@ietf.org, joe@salowey.net, rdd@cert.org, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <161047356100.31099.9914311616710376769@ietfa.amsl.com>
Date: Tue, 12 Jan 2021 09:46:01 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/vcm2zVTxHsPVNwq7S_9QIYoBLfI>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jan 2021 17:46:01 -0000
The IESG has approved the following document: - 'Handling Large Certificates and Long Certificate Chains in TLS-based EAP Methods' (draft-ietf-emu-eaptlscert-08.txt) as Informational RFC This document is the product of the EAP Method Update Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-emu-eaptlscert/ Technical Summary The Extensible Authentication Protocol (EAP), defined in RFC3748, provides a standard mechanism for support of multiple authentication methods. EAP-Transport Layer Security (EAP-TLS) and other TLS-based EAP methods are widely deployed and used for network access authentication. Large certificates and long certificate chains combined with authenticators that drop an EAP session after only 40 - 50 round-trips is a major deployment problem. This document looks at the this problem in detail and describes the potential solutions available. Working Group Summary There was good support in the working group for this document. There we several substantive reviews of the document. Document Quality This document has be reviewed by members of the EAP and the TLS community. Some of the mechanisms in the document are being implemented. Personnel Joseph Salowey is the document shepherd Roman Danyliw is the responsible AD