Re: [Reap] [saag] PSA: New list for discussing EAP related methods

Eliot Lear <lear@cisco.com> Fri, 27 October 2017 11:55 UTC

Return-Path: <lear@cisco.com>
X-Original-To: reap@ietfa.amsl.com
Delivered-To: reap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC7EA13F507; Fri, 27 Oct 2017 04:55:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qq-8UehXMp7Q; Fri, 27 Oct 2017 04:55:32 -0700 (PDT)
Received: from aer-iport-1.cisco.com (aer-iport-1.cisco.com [173.38.203.51]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED78113F511; Fri, 27 Oct 2017 04:55:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=20655; q=dns/txt; s=iport; t=1509105329; x=1510314929; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to; bh=/W6IwO0pwDlTEJLT4EutdpzB4s/0WB8qBFCMNNUNyug=; b=Wpb+Ex6NfXAZgrmPsHegCLOEa6nlZiWqUpf2cNNgGZYiyB7Fp/Kj2VX3 t5/kl58BDI+KC9WogvgXSKM/aZLK30QeVfc3Vz/GP4ypu5bq4vuZ7r+4d qc6vJmUuDrnc6hPZ9XUGSH7sAPOoDa+66VtEWzYfWaa3+bC/OUBQUr3Py I=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CgAQDZHfNZ/xbLJq1cGQEBAQEBAQEBAQEBBwEBAQEBgzGBEm4ng3qLE49yJohPiC6FRRCCAQcDGAEKhRgChQoWAQIBAQEBAQEBayiFHgEBAQMBASFLCxALGAwbAwICIQYfEQYBDAYCAQGKBwMVEKkRgicmhxgNgyMBAQEBAQEBAQEBAQEBAQEBAQEBAQEOCgWDLoVAKQuBaYENgl6Bb4NNgmEFh1WRLIhFPIRCgiOBAYdMUIR5i3SHOYxeOYh3gTkmCSiBaDQhCB0VSYJkgiM5HIFpPzYBi2sBAQE
X-IronPort-AV: E=Sophos;i="5.44,304,1505779200"; d="asc'?scan'208,217";a="698279204"
Received: from aer-iport-nat.cisco.com (HELO aer-core-3.cisco.com) ([173.38.203.22]) by aer-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Oct 2017 11:55:26 +0000
Received: from [10.61.96.63] (dhcp-10-61-96-63.cisco.com [10.61.96.63]) by aer-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id v9RBtPkk030225; Fri, 27 Oct 2017 11:55:25 GMT
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Bernard Aboba <bernard.aboba@gmail.com>
Cc: reap@ietf.org, Mohit Sethi <mohit.m.sethi@ericsson.com>, "saag@ietf.org" <saag@ietf.org>
References: <3dbe94b9-4b2d-1479-8433-8b040cb1cfba@ericsson.com> <CAOW+2ds9Sez7otrs682hqzzXR8qbJYAdPwW8A8TEL+ms_a0=UA@mail.gmail.com> <6b3dcad6-f00c-1fb9-4df6-19f3dc744371@ericsson.com> <CAHbuEH74=Ca8oEWS5YpFByP1o3GaC0NajrZ8ChJxQAoffTajUg@mail.gmail.com> <CAOW+2du_08fcfZs2878LsjnLV8L0cmDMa3pLN2cxQeHbFKxOCA@mail.gmail.com> <112200E8-0E1D-4A38-800D-54892BFF67F6@gmail.com>
From: Eliot Lear <lear@cisco.com>
Message-ID: <dcbfbc1b-1638-57dd-af14-36fcbf848348@cisco.com>
Date: Fri, 27 Oct 2017 13:55:08 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <112200E8-0E1D-4A38-800D-54892BFF67F6@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="TVqle0GMKRf7OxwCq5whJ0CgU3iw7iVM1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/reap/d-X26HJm0nxmQyWiPQ8fnGYwNWo>
Subject: Re: [Reap] [saag] PSA: New list for discussing EAP related methods
X-BeenThere: reap@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "REAP \(RENEW\) EAP" <reap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/reap>, <mailto:reap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/reap/>
List-Post: <mailto:reap@ietf.org>
List-Help: <mailto:reap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/reap>, <mailto:reap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 11:55:35 -0000

Kathleen,

So the plan is to close reap and use emu?

Eliot


On 10/27/17 3:43 AM, Kathleen Moriarty wrote:
> That sounds like the best plan.
>
> Thank you,
> Kathleen 
>
> Sent from my iPhone
>
> On Oct 26, 2017, at 9:16 PM, Bernard Aboba <bernard.aboba@gmail.com
> <mailto:bernard.aboba@gmail.com>> wrote:
>
>> Yes, the EMU WG  list has been used for discussion of EAP methods
>> since the WG closed. 
>>
>> That list is a better venue for discussion of EAP  methods than a new
>> REAP list, so as to ensure that proper attention is paid to backward
>> compatibility, IPR, security properties and other critical aspects of
>> EAP method design. 
>>
>> After all, we are talking about a protocol that is 20+ years old that
>> is implemented on billions of devices, many of which utilize
>> open-source.  
>>
>>
>>
>>
>>
>>
>>
>>
>> On Thu, Oct 26, 2017 at 11:53 AM, Kathleen Moriarty
>> <kathleen.moriarty.ietf@gmail.com
>> <mailto:kathleen.moriarty.ietf@gmail.com>> wrote:
>>
>>     On Thu, Oct 26, 2017 at 1:16 PM, Mohit Sethi
>>     <mohit.m.sethi@ericsson.com <mailto:mohit.m.sethi@ericsson.com>>
>>     wrote:
>>     > Hi Bernard,
>>     >
>>     > The EAP-TLS 1.3 document is a very rough drafty version that
>>     was submitted
>>     > before the cut-off for the last IETF. As you rightly point out,
>>     it has the
>>     > skeleton and a lot of material from RFC5216, and still many
>>     important
>>     > details are missing.
>>     >
>>     > The purpose of this list is to exactly receive these kind of
>>     comments.
>>     > Should RFC5216 be updated or obsoleted by this draft. And it
>>     would be great
>>     > if we can have your contributions to the document. We will
>>     definitely add an
>>     > acknowledgement section and contact the authors of RFC5216 to
>>     see if they
>>     > can contribute and comment. We plan to have more EAP related
>>     contributions
>>     > in the near future. We discussed this with the Security ADs and
>>     thought that
>>     > a separate list would be appropriate to get feedback/criticism and
>>     > contributions from the folks interested.
>>
>>     I'm sorry, I didn't realize that a revision of 5216 was involved and
>>     that the authors were not notified at the onset as is normal practice
>>     in case they want to continue as authors.  Thank you for spotting
>>     this
>>     issue Bernard.
>>
>>     Is there an existing list that should be used?  Is there adequate
>>     overlap in objectives and personnel?
>>
>>     Thank you,
>>     Kathleen
>>
>>     >
>>     > --Mohit
>>     >
>>     >
>>     > On 10/26/2017 06:51 PM, Bernard Aboba wrote:
>>     >
>>     > There are existing functioning IETF mailing lists relating to EAP.
>>     >
>>     > Why are you starting yet another one?
>>     >
>>     > From what I can tell, the EAP-TLS 1.3 draft is merely a copy of
>>     RFC 5216
>>     > (with no acknowledgement to the original authors) stating that
>>     EAP-TLS
>>     > implementations must support TLS 1.3.
>>     >
>>     > This is ridiculous because there are 1+ Billion existing
>>     implementations out
>>     > there that
>>     >
>>     >
>>     > On Thu, Oct 26, 2017 at 6:02 AM, Mohit Sethi
>>     <mohit.m.sethi@ericsson.com <mailto:mohit.m.sethi@ericsson.com>>
>>     > wrote:
>>     >>
>>     >> Dear all,
>>     >>
>>     >> We have started a mailing list for discussing new EAP related
>>     work that
>>     >> currently has no obvious home. The mailing list is called REAP
>>     (Renew EAP)
>>     >> reap@ietf.org <mailto:reap@ietf.org> and you can subscribe here:
>>     >> https://www.ietf.org/mailman/listinfo/reap
>>     <https://www.ietf.org/mailman/listinfo/reap>
>>     >>
>>     >> Recently several new EAP methods have been proposed. These
>>     include for
>>     >> example:
>>     >>
>>     >> EAP-TLS 1.3:
>>     https://tools.ietf.org/html/draft-mattsson-eap-tls13-00
>>     <https://tools.ietf.org/html/draft-mattsson-eap-tls13-00>
>>     >>
>>     >> EAP-NOOB: https://tools.ietf.org/html/draft-aura-eap-noob-02
>>     <https://tools.ietf.org/html/draft-aura-eap-noob-02>
>>     >>
>>     >> EAP-SASL:
>>     https://tools.ietf.org/html/draft-vanrein-eap-sasl-00
>>     <https://tools.ietf.org/html/draft-vanrein-eap-sasl-00>
>>     >>
>>     >> The list serves as a venue for discussion of these and other
>>     EAP related
>>     >> drafts that will be submitted in the near future. As courtesy,
>>     we will post
>>     >> any new draft to SAAG, but we plan to continue the discussion
>>     only on the
>>     >> REAP mailing list. We have also asked for a short presentation
>>     slot during
>>     >> SECDISPATCH at IETF 100 in Singapore.
>>     >>
>>     >> Comments, early feedback, and discussion on existing or new
>>     work is more
>>     >> than welcome.
>>     >>
>>     >> --Mohit
>>     >>
>>     >> _______________________________________________
>>     >> saag mailing list
>>     >> saag@ietf.org <mailto:saag@ietf.org>
>>     >> https://www.ietf.org/mailman/listinfo/saag
>>     <https://www.ietf.org/mailman/listinfo/saag>
>>     >
>>     >
>>     >
>>     >
>>     > _______________________________________________
>>     > saag mailing list
>>     > saag@ietf.org <mailto:saag@ietf.org>
>>     > https://www.ietf.org/mailman/listinfo/saag
>>     <https://www.ietf.org/mailman/listinfo/saag>
>>     >
>>     >
>>     >
>>     > _______________________________________________
>>     > saag mailing list
>>     > saag@ietf.org <mailto:saag@ietf.org>
>>     > https://www.ietf.org/mailman/listinfo/saag
>>     <https://www.ietf.org/mailman/listinfo/saag>
>>     >
>>
>>
>>
>>     --
>>
>>     Best regards,
>>     Kathleen
>>
>>
>
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag