> -----Original Message----- > From: Hao Zhou (hzhou) > Sent: Monday, January 28, 2008 1:50 PM > To: Joseph Salowey (jsalowey); [email protected] > Subject: RE: [Emu] WG consensus on charter update > > Joe: > > I am ok with the updated charter, with the following minor comments: > > 1. Should we add crypto-agility to the requirements of tunnel > method? >And maybe strong shared secret method as well?
[Joe] I think crypto agility is a well accepted requirement, but I can explicitly add it. > 2. Move this paragraph right after the tunnel method > paragraph, as it reference the tunnel method above. This way > if causes less confusion with the TLS based channel binding method. > "A mechanism meeting RFC 3748 and RFC 4017 requirements that > makes use of existing password databases such as AAA > databases. This item will be based on the above tunnel method." [Joe] Since we have two work items that reference tunnel method, how about changing "above tunnel method" to "tunnel method work item"? > 3. TLS based channel binding paragraph: > "Enable a TLS-based EAP method to support channel bindings. > So as to enable RFC 2716bis to focus solely on clarifications > to the existing protocol, this effort will be handled in a > separate document. This item will not generate a new method, > rather it will enhance EAP-TLS or the TLS based tunnel method." > > What does "will not generate a new method" mean? If we > enhance EAP-TLS, we are likely need to create a new method ID > (the current one doesn't have a version field). Even if we > do, likely we will create backward compatibility issue. Sound > like the tunnel method is better, so we creating minimum new > EAP methods. > If we choose the TLS based tunnel method, the > requirements already cover the channel binding. Why don't we > just make the decision now and say it is part of the tunnel > method, or at least make the minimum operation mode of the > tunnel method is just TLS with channel binding? > [Joe] Jari requested that we do not close the door and create a solution that works only with a tunnel method in the charter. If the solution requires large modifications to EAP-TLS then it probably won't be attractive to the group. I think it is reasonable to keep this open in the charter. > > > -----Original Message----- > > From: Joseph Salowey (jsalowey) > > Sent: Thursday, January 24, 2008 12:45 PM > > To: [email protected] > > Subject: [Emu] WG consensus on charter update > > > > So far I have only seen responses from Dan Harkins on the proposed > > charter update ( > > http://www1.ietf.org/mail-archive/web/emu/current/msg00712.html ) > > > > Please respond on the list if you have reviewed the charter > and have > > comments or if you approve of the current text. > > Also make sure to review the milestones. > > > > Thanks, > > > > Joe > > > > > > _______________________________________________ > > Emu mailing list > > [email protected] > > https://www1.ietf.org/mailman/listinfo/emu > > > _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
