[TLS] FW: Last Call: <draft-ietf-emu-eap-tls13-20.txt> (Using EAP-TLS with TLS 1.3 (EAP-TLS 1.3)) to Proposed Standard

Roman Danyliw <rdd@cert.org> Tue, 07 September 2021 16:26 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2Y6_aiZDs9GcV7uY4eeQh7v3xLA>

Cross-posting to ensure visibility given the support of the TLS WG during the initial IESG Review of this document.

-----Original Message-----
From: iesg-secretary@ietf.org <iesg-secretary@ietf.org> 
Sent: Monday, September 6, 2021 2:20 PM
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Joseph Salowey <joe@salowey.net>; draft-ietf-emu-eap-tls13@ietf.org; emu-chairs@ietf.org; emu@ietf.org; joe@salowey.net; Roman Danyliw <rdd@cert.org>
Subject: Last Call: <draft-ietf-emu-eap-tls13-20.txt> (Using EAP-TLS with TLS 1.3 (EAP-TLS 1.3)) to Proposed Standard


The IESG has received a request from the EAP Method Update WG (emu) to consider the following document: - 'Using EAP-TLS with TLS 1.3 (EAP-TLS 1.3)'
  <draft-ietf-emu-eap-tls13-20.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-call@ietf.org mailing lists by 2021-09-20. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting.

Abstract


   The Extensible Authentication Protocol (EAP), defined in RFC 3748,
   provides a standard mechanism for support of multiple authentication
   methods.  This document specifies the use of EAP-Transport Layer
   Security (EAP-TLS) with TLS 1.3 while remaining backwards compatible
   with existing implementations of EAP-TLS.  TLS 1.3 provides
   significantly improved security, privacy, and reduced latency when
   compared to earlier versions of TLS.  EAP-TLS with TLS 1.3 (EAP-TLS
   1.3) further improves security and privacy by always providing
   forward secrecy, never disclosing the peer identity, and by mandating
   use of revocation checking.  This document also provides guidance on
   authentication, authorization, and resumption for EAP-TLS in general
   (regardless of the underlying TLS version used).  This document
   updates RFC 5216.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/



No IPR declarations have been submitted directly on this I-D.