Hi Alan

I think you accidentally took the key derivation from 
draft-mattsson-eap-tls13-00. The key derivation in draft-mattsson-eap-tls13-03 
is:

   Key_Material = TLS-Exporter("EXPORTER_EAP_TLS_Key_Material", "", 128)
   IV           = TLS-Exporter("EXPORTER_EAP_TLS_IV", "", 64)
   Method-Id    = TLS-Exporter("EXPORTER_EAP_TLS_Method-Id", "", 64)
   Session-Id   = 0x0D || Method-Id

According to Section 6.2 of RFC 3748 the EAP Method Type values are between 
1-4294967295 (2^32 - 1) so while the Method Types of current TLS-based EAP 
methods are a single byte, future TLS-based EAP methods could use 2 or more 
bytes.

https://tools.ietf.org/html/rfc3748#page-41
https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-4

I think your suggestion of adding the EAP Method Type as context_value seems 
like a good idea. draft-mattsson-eap-tls13 should then be changed to:

   Method_Type  = 0x0D
   Key_Material = TLS-Exporter("EXPORTER_EAP_TLS_Key_Material", Method_Type, 128)
   IV           = TLS-Exporter("EXPORTER_EAP_TLS_IV", Method_Type, 64)
   Method-Id    = TLS-Exporter("EXPORTER_EAP_TLS_Method-Id", Method_Type, 64)
   Session-Id   = Method_Type || Method-Id

/John



_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
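
The two derivations in the message above, side by side, as an added example (not part of the message or of the draft): the TLS 1.3 exporter from RFC 8446 Section 7.5 is built on HKDF, and the same labels are run with an empty context and with Method_Type as context_value. Assumptions: a SHA-256 cipher suite, a constructed exporter master secret, 0x15 as a second type value chosen only for comparison, and the helper name `eap_tls_keys`.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256  # assumption: negotiated cipher suite uses SHA-256


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446, Section 7.1)."""
    full = b"tls13 " + label
    info = (struct.pack(">H", length) + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)


def tls_exporter(ems: bytes, label: bytes, context_value: bytes, length: int) -> bytes:
    """TLS 1.3 exporter (RFC 8446, Section 7.5) over the exporter_master_secret."""
    derived = hkdf_expand_label(ems, label, HASH(b"").digest(), HASH().digest_size)
    return hkdf_expand_label(derived, b"exporter", HASH(context_value).digest(), length)


def eap_tls_keys(ems: bytes, method_type: bytes, bind_type: bool = True) -> dict:
    """bind_type=True: Method_Type as context_value; False: empty context (-03)."""
    ctx = method_type if bind_type else b""
    method_id = tls_exporter(ems, b"EXPORTER_EAP_TLS_Method-Id", ctx, 64)
    return {
        "Key_Material": tls_exporter(ems, b"EXPORTER_EAP_TLS_Key_Material", ctx, 128),
        "IV": tls_exporter(ems, b"EXPORTER_EAP_TLS_IV", ctx, 64),
        "Method-Id": method_id,
        "Session-Id": method_type + method_id,
    }


if __name__ == "__main__":
    ems = bytes(range(32))  # constructed secret, not from a real handshake
    for mtype in (b"\x0d", b"\x15"):  # 0x15 is a second type value for comparison
        for bind in (False, True):
            keys = eap_tls_keys(ems, mtype, bind)
            print(mtype.hex(), bind, keys["Session-Id"][:9].hex())
```

With the empty context only the first byte of Session-Id depends on the type value; with Method_Type as context_value every exported value does.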