See comments inline

-----Original Message-----
From: Alan DeKok <>
Date: Thursday, 12 September 2019 at 15:56
To: Aura Tuomas <>
Cc: EMU WG <>
Subject: Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13
Resent from: <>
Resent to: John Mattsson <>, <>
Resent date: Thursday, 12 September 2019 at 15:56

>    Alan DeKok wrote:
>    On Sep 12, 2019, at 9:53 AM, Aura Tuomas <> wrote:
>    >
>    > I was looking at the EAP-TLS with TLS 1.3 draft and noticed that it
>    > forbids PSK authentication. Why is that?
There was discussion regarding this on the list some years ago. The conclusion 
was that the EAP-TLS Type-Code should be used exclusively for certificate 
authentication. At that point, nobody expressed a wish to use EAP-TLS with PSK 
authentication. If someone wants to use EAP-TLS with symmetric keys, that should 
probably be a new code point.

>    See Section 2.1.2.  TLS 1.3 uses PSK for resumption.  As a result, we
>    *cannot* use PSK for authentication in EAP-TLS.

I don't understand why this could not be done. My view is that allowing PSK 
authentication would be quite easy.

>    > While there is the EAP-PSK method, I would much rather use EAP-TLS with
>    > PSK because it provides identity protection and perfect forward secrecy,
>    > unlike EAP-PSK.
>    Use EAP-PWD for that.

Standardizing EAP-TLS should only be done if it has some significant advantages 
over EAP-PWD, and there are people wanting to implement and use it. 3GPP, for 
example, is adding identity protection and perfect forward secrecy to EAP-AKA instead.

>    > In fact, I think EAP-TLS with PSK should become the standard
>    > authentication method for networks that rely on shared secrets, e.g.
>    > WPA-Personal. Unifying the Wi-Fi authentication around EAP would greatly
>    > simplify the Wi-Fi protocol stack. Not that I expect it to happen
>    > immediately, but we should not close sensible paths forward.
>    The time to fix that was before TLS 1.3 was standardized.
>    Alan DeKok.
