Hi Dan,
Dan Harkins wrote:
Hi,
I just glanced over this draft. In section 12.1 each of the security
claims seems to refer to sections from the -08 version of the draft.
For instance,
Confidentiality: No (section 11.14 and 11.16)
where in the -08 draft sections 11.14 and 11.16 discuss ID protection
and confidentiality, respectively, but it's 12.15 and 12.17 in the -09
version. Am I misreading this somehow?
You are right. We should have used <xref target=".."/> in the XML text
rather than hardcoding it. The structure changed but we forgot to update
this text.
I also think that the security claims in 12.1 should explicitly spell
out whether they meet RFC 4017 requirements, like the charter says.
I'm glad that my comment on non-resistance to dictionary attack
was accepted. Thanks! But I still think that section is somewhat
ambiguous. It says, "Users who use passwords as the basis of their PSK
are not protected against dictionary attacks." Well, that's true but users
who do not use passwords as the basis of their PSK are also not protected
against dictionary attacks!
I'd like to suggest the following text for section 12.7:
The success of a dictionary attack against EAP-GPSK depends on
the strength of the long-term shared secret (PSK) it uses. The
PSK used by EAP-GPSK SHOULD be drawn from a pool of secrets that
is at least 2^128 bits large and whose distribution is uniformly
random. Note that this does not imply resistance to dictionary
attack, only that the probability of success in such an attack
is acceptably remote.
That is, I believe, fair, accurate, and unambiguous.
Aren't we saying essentially the same in the previous sentences?
------------------------------------------------------------------------------------------------
12.7. Dictionary Attacks
EAP-GPSK relies on a long-term shared secret (PSK) that SHOULD be
based on at least 16 octets of entropy to be fully secure. The EAP-
GPSK protocol makes no special provisions to ensure keys based on
passwords are used securely. Users who use passwords as the basis of
their PSK are not protected against dictionary attacks. Derivation
of the long-term shared secret from a password is strongly
discouraged.
------------------------------------------------------------------------
If you think we haven't discouraged folks enough to use passwords
with the current text then we could add your text in addition to it.
Ciao
Hannes
regards,
Dan.
On Fri, June 27, 2008 8:30 am, [EMAIL PROTECTED] wrote:
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the EAP Method Update Working Group of the
IETF.
Title : EAP Generalized Pre-Shared Key (EAP-GPSK) Method
Author(s) : C. Clancy, H. Tschofenig
Filename : draft-ietf-emu-eap-gpsk-09.txt
Pages : 38
Date : 2008-06-27
This Internet Draft defines an Extensible Authentication Protocol
method called EAP Generalized Pre-Shared Key (EAP-GPSK). This method
is a lightweight shared-key authentication protocol supporting mutual
authentication and key derivation.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-emu-eap-gpsk-09.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
