On Oct 30, 2019, at 5:02 AM, Eliot Lear <l...@cisco.com> wrote:
> A fair argument, if it can be made, and I am not convinced it has been fully 
> expressed, is the idea that there is no context by which one can separate 
> fast restart and initial authentication.  This is Alan’s concern.  I’m not 
> saying it’s without merit, but what I cannot yet see is whether it is an 
> implementation or a protocol matter.

  I believe it's a protocol matter.  In TLS 1.3, PSK handshakes are the same as 
resumption handshakes.

  It's not clear to me how this issue was addressed when using TLS 1.3 with 
HTTPS.  But I do believe it's an issue there, too.

  As an additional note, I believe it's also important that 
draft-dekok-emu-tls-eap-types be published at the same time as the EAP-TLS 
document.  The only unknown there is FAST and TEAP.  I'm happy to remove them 
from the document.

  But at this point it's not even a WG document.  There's not even consensus 
that the document is necessary, which surprises me rather a lot.  Because 
password-based EAP methods are *much* more widespread than EAP-TLS.

  If the IETF publishes EAP-TLS without simultaneously rev'ing TTLS and PEAP, 
it will not only look bad, it will *be* bad.  And the industry press will 
(rightfully) lambast the standards process.

  Alan DeKok.

Emu mailing list
