Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
Martin Thomson <mt@lowentropy.net> Tue, 12 January 2021 00:09 UTC
Date: Tue, 12 Jan 2021 11:08:45 +1100
From: "Martin Thomson" <mt@lowentropy.net>
To: "Joseph Salowey" <joe@salowey.net>
Cc: "<tls@ietf.org>" <tls@ietf.org>, "EMU WG" <emu@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3hw1Ozo3fxHhzDhbTdbF_y7uZ6I>

On Mon, Jan 11, 2021, at 17:07, Joseph Salowey wrote:
>
> On Thu, Jan 7, 2021 at 2:42 PM Martin Thomson <mt@lowentropy.net> wrote:
> > Hi Joe,
> >
> > Thanks for doing this, I think that this is a distinct improvement (and I will take your word for the difficulties involved with further splits).
> >
> > One point that I made poorly perhaps, and was dismissed, might be worth restating:
> >
> > MSK = TLS-Exporter("EXPORTER_EAP_TLS_MSK", Type-Code, 64)
> >
>
> [Joe] I think you propose something like this instead (eliminating context):
>
> MSK = TLS-Exporter("EXPORTER_EAP_TLS_MSK-" + ASCII-Type-Code, 64)
>
> Where + is concatenation and ASCII-Type-Code is "13"

I was not exactly. I was thinking that EAP-TLS uses the unadorned string and other usages (that need a different MSK) define their own string as needed. Though what you describe would scale more, if the ordinality of that scale is bounded by RFC numbers, defining the extra strings would not be that hard. You could provide some sort of infrastructure in the form of a recommended label prefix if you are concerned about misuse.
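
Added example, not part of the original message or of the draft: a TLS 1.3 exporter (RFC 8446, section 7.5) that derives the MSK under each of the formulations discussed above, showing that separation by context, by label suffix, or by a per-method label all yield independent keys. SHA-256, the constant `EMS`, the one-byte encoding of Type-Code 13 as `0x0d`, and the label `EXPORTER_EXAMPLE_OTHER_MSK` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256  # assumed cipher-suite hash

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446, section 7.1)."""
    full = b"tls13 " + label
    info = (struct.pack("!H", length) + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def tls13_exporter(ems: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """TLS-Exporter (RFC 8446, section 7.5); an absent context equals an empty one."""
    derived = hkdf_expand_label(ems, label, HASH(b"").digest(), HASH().digest_size)
    return hkdf_expand_label(derived, b"exporter", HASH(context).digest(), length)

# Constructed stand-in for the exporter_master_secret of a real handshake.
EMS = bytes(range(32))

def msk_variants(ems: bytes = EMS) -> dict:
    return {
        # Type-Code passed as exporter context (assumed encoding: one byte, 0x0d).
        "context": tls13_exporter(ems, b"EXPORTER_EAP_TLS_MSK", b"\x0d", 64),
        # Type-Code appended to the label in ASCII, no context.
        "label_suffix": tls13_exporter(ems, b"EXPORTER_EAP_TLS_MSK-13", b"", 64),
        # Unadorned label for EAP-TLS, no context.
        "unadorned": tls13_exporter(ems, b"EXPORTER_EAP_TLS_MSK", b"", 64),
        # Hypothetical label another method might define for its own MSK.
        "other_method": tls13_exporter(ems, b"EXPORTER_EXAMPLE_OTHER_MSK", b"", 64),
    }

if __name__ == "__main__":
    for name, key in msk_variants().items():
        print(f"{name:13s} {key.hex()[:32]}...")
```
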