Hi Sam, > >>>>> "Hannes" == Hannes Tschofenig > <[EMAIL PROTECTED]> writes: > > Hannes> Hi all, before we spend more time considering EAP > Hannes> tunneling methods like PEAP and TTLS I would like to hear > Hannes> the opinion of our ADs on this subject. So far, the > Hannes> working assumption was that EAP methods that tunnel EAP > Hannes> are outside the scope of the working group. These > Hannes> statements were also repeated during the IETF#68 EMU WG > Hannes> meeting by our ADs. > > I at least don't recall objecting to a tunnel method. If you're going > to do a tunnel method you do need cryptographic binding when tunneling > something that generates a key.
I recall that you rejected the TTLS approach where we would have to add EAP support into TLS. I am also happy to hear that you like providing EAP support in TLS. > > Bernard objected rather strongly to a tunneled method. I recall that as well. Now, he is in favor of it. > > Note that I am not saying you should go in the direction of a tunneled > method; a simple password over tls method is a fine approach. For me as well. > I just > don't recall me making an AD level objection to tunnels. I personally don't care which approach we pick as long as we stick with the same assumptions until the work is finished. For example, very early we said that this password based EAP method is not SRP-like work. I could imagine that someone suggests to reconsider that decision. The rules are simple: Different assumptions for the design => Different protocols as output. Changing the assumptions periodically => Takes longer to complete the work Ciao Hannes _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
