http://trac.tools.ietf.org/wg/emu/trac/ticket/34 Dan proposed text for server unauthenticated provisioning. This is still in discussion on the list and has not be incorporated into the the draft.
TEAP draft 01, http://tools.ietf.org/html/draft-ietf-emu-eap-tunnel-method-01 Section 3.2 Old text: "Other ciphersuites MAY be supported. It is RECOMMENDED in the case when the inner authentication method provides man-in-the-middle protection [Editor's Note: The use of Anonymous Cipher Suites is still under discussion on the list]." New Text: "Other ciphersuites MAY be supported. It is REQUIRED that anonymous ciphersuites such as TLS_DH_anon_WITH_AES_128_CBC_SHA only be used in the case when the inner authentication method provides mutual authentication, key generation, and resistance to to man-in-the-middle and dictionary attack." Suggest to leave the Server Unauthenticated Provisioning Mode to another document.
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu