IETF Logo Mail Archive

Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)

Joseph Salowey <joe@salowey.net> Mon, 01 February 2021 18:31 UTC

Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88A4D3A1398 for <tls@ietfa.amsl.com>; Mon, 1 Feb 2021 10:31:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HZlu9XZO82Eo for <tls@ietfa.amsl.com>; Mon, 1 Feb 2021 10:30:58 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6D693A139C for <tls@ietf.org>; Mon, 1 Feb 2021 10:30:57 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id m22so13441004ljj.4 for <tls@ietf.org>; Mon, 01 Feb 2021 10:30:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qhSEZOTfMfTjLyRSA/+BS1JbfVw5d5vjqLjl7Qq7Ryc=; b=FqzfEoF10WJNAiLggJVHKvUSLIWQVEPJ7RgxiyOtg79ulhWUqcS0IxC4WQNSX+0/5J wy1eeavgWiyZ+Ap5/6smvmz0bdcfpB8k1pQ2DrZWOj2VjmLUrcieqqVPSjDnJTqHXbDj dIqAvYV3QnjJhnRsCOtQLEpQZpAG2Qfby8nSqF0BGnlR8fUxon6m2K81dWyla2n5VOiM rFv30qW7ab94xVfvjDjDIeLJQUXQBJx35VQJSQ2rn6U7m0bi56aDxQh1eKCh6JarLK7N +CnxuRQ7flUHbpwNm65ftUShO3z83VFElssUH50nXMLmLnZoNrcbL/PDcmmfBEHlAEFX MLmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qhSEZOTfMfTjLyRSA/+BS1JbfVw5d5vjqLjl7Qq7Ryc=; b=pOHgzPRDfTPi1DKGUh+2btaxh2oBc6R7EgWmN71vzhfsbijS/znRYPteBqKeYuhn1z MaTAD4VjRqw06NX8DqfFB8AQoUZSCCNS0BIG7Mp8nNHcC+V0g1WD/5UW7lI9SFywmynI 708zE5lX9QxHm6DZgbXiPicU6BJtm1lAbF7x7Nb2NiF3/j90XRCBZMkPFu5dNurN12w6 N7c8PVSIYOhhKirbFN/k2W4WxbGYmPM7Ou6ZYXOaJ9Rv+D/pqlnyHdSqn2aepp9MnFcP 5l/PsJYbVtHbxBYdgWZn0knYwFKoEHaKjmZRTAhddtIgPPljCYRwr1/tjjsYRDiw9nw7 wPkQ==
X-Gm-Message-State: AOAM531SELeyOaFRFtbuL4o1/97y23onoV38p3qduGu5eaac7J/k0tHH Hy0IOccHskUMuV3XGfyoMKtBhEi03+RaZVS3ePJPklpOjFo=
X-Google-Smtp-Source: ABdhPJxhXirAWCwBhmtcUKIaMBAKX930PUBQrTxrrSmOvmezJcEx0WhQMidqpwYQx9ZMxKqbwVD9TB94Do8Z3snbiFg=
X-Received: by 2002:a2e:870d:: with SMTP id m13mr11327140lji.64.1612204254574; Mon, 01 Feb 2021 10:30:54 -0800 (PST)
MIME-Version: 1.0
References: <9ddd1593-3131-f5cc-d0db-74bf3db697bf@ericsson.com> <3CB58153-8CCA-4B1E-B530-BA67A6035310@deployingradius.com> <CAOgPGoA3U+XpZMY7J+KGovNx6MtAdEzRaGW33xVJdQNWSi4LVg@mail.gmail.com> <770e6a49-52fc-4e8b-91af-48f85e581fbb@www.fastmail.com> <CAOgPGoBGOMXH-kMhQSujWxnACdmBL845u0ouE0fUYc4rWtUrZg@mail.gmail.com> <ca4c526e-79a0-4fa7-abda-2b626795f068@www.fastmail.com> <3409F71E-4CE4-46BB-8079-BFBE9BE83C9A@deployingradius.com> <66157321-55DC-4831-8EF2-D75934D9024C@deployingradius.com> <20210129183220.GI21@kduck.mit.edu> <1A830492-3404-4BCC-844B-D7D950458BD9@deployingradius.com> <20210201171155.GB21@kduck.mit.edu>
In-Reply-To: <20210201171155.GB21@kduck.mit.edu>
From: Joseph Salowey <joe@salowey.net>
Date: Mon, 01 Feb 2021 10:30:43 -0800
Message-ID: <CAOgPGoA9FqzEGr5_XVYVr2bairdWdNV-Bh8PX462cRKcSrjpug@mail.gmail.com>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: Alan DeKok <aland@deployingradius.com>, "<tls@ietf.org>" <tls@ietf.org>, EMU WG <emu@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e6560a05ba4a8d78"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-uXCTqOI-89zaVhHNrtZrhZL2Cc>
Subject: Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2021 18:31:01 -0000

On Mon, Feb 1, 2021 at 9:12 AM Benjamin Kaduk <kaduk@mit.edu> wrote:

> Hi Alan,
>
> I'll second the thanks for putting this together; I think it covers the
> important open points.
>
> I did belatedly remember one more thing that is perhaps not critical, but
> would also be good to get an answer for:
>
> On Fri, Jan 29, 2021 at 03:00:51PM -0500, Alan DeKok wrote:
> [...]
> >
> > DISCUSS: other than word-smithing the above points, are there serious
> objections to the behaviour documented in -13?  i.e. does the IETF want to
> recommend that EAP-TLS alpha testing begins *now*, or should it wait until
> 2022?
>
> I think that an exchange between Martin and Mohit raised the question of
> whether the EAP server-id and peer-id would be available for use in the
> 'context' argument of the TLS Exporter, as that would help strengthen the
> binding between keys and the authentication exchange.
> I do recall a mention that WolfSSL doesn't support a context argument for
> the exporter, but I don't know how prohibitive that limitation would be in
> practice.
>
>
[Joe] This could also address the early export of keys before the peer is
authenticated. RFC 5216 provides a canonical way to create these IDs, but
I'm not sure anyone follows it today and it may be difficult to implement
in practice due to ordering.  It might be simpler to just specify that the
end entity peer and client certificates are used in the key derivation.
Most libraries provide APIs to get the raw certs.
It looks like the WolfSSL API that Mohit linked is specifically for RFC5216
EAP keys and not a general exporter API.  I'm not sure if they have a
general exporter API.


> -Ben
>
> _______________________________________________
> Emu mailing list
> Emu@ietf.org
> https://www.ietf.org/mailman/listinfo/emu
>

v2.23.0 | Report a Bug | By Email