[Last-Call] Secdir last call review of draft-ietf-emu-tls-eap-types-11
Melinda Shore via Datatracker <noreply@ietf.org> Sat, 04 February 2023 01:19 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: last-call@ietf.org
Delivered-To: last-call@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 79BF6C1782A2; Fri, 3 Feb 2023 17:19:15 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Melinda Shore via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-emu-tls-eap-types.all@ietf.org, emu@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 9.8.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <167547355548.40427.1521347613044647956@ietfa.amsl.com>
Reply-To: Melinda Shore <melinda.shore@nomountain.net>
Date: Fri, 03 Feb 2023 17:19:15 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/B_g94Vy4A1H3kO2orIw_FMbWep0>
Subject: [Last-Call] Secdir last call review of draft-ietf-emu-tls-eap-types-11
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Feb 2023 01:19:15 -0000
Reviewer: Melinda Shore Review result: Ready This document updates TLS-based EAP methods to use key derivation mechanisms from TLS 1.3, along with other TLS 1.3-required updates. It's clearly written and I believe could be implemented from. There are several very minor nits, which I actually don't think need to be addressed but are mentioned here in the interest of completeness. Section 3.1 is a very nice piece of work, as is the security considerations. 2.1 “The inclusion of the EAP type makes the derivation method specific.” “method-specific” or “specific to the method” might be clearer 2.2 “PAC” should probably be spelled out on its first use. Also EMSK and other initialisms “j’th inner methods” should be singular “In TLS 1.3, the derivation of IMCK[j] used both a different label” should be present tense (“uses”) 2.4 should probably use either MS-CHAP or MS-CHAPv1 consistently
- [Last-Call] Secdir last call review of draft-ietf… Melinda Shore via Datatracker
- Re: [Last-Call] Secdir last call review of draft-… Alan DeKok