On Jan 28, 2021, at 9:44 AM, John Mattsson <[email protected]> wrote:
>
>> Hi,
>>
>> I am not very happy with adding an additional dummy roundtrip to the 5G
>> certificate authentication.

Dummy round trips are bad, unless they serve a purpose. The question here is likely not "what's best" but "what's the least worst choice".

>> Fragmentation and slow databases can be optimized away (short chains, small
>> certs, 4K or 9K frames) but a mandatory extra roundtrip stays forever.

That statement makes me nervous. I don't see how a standards group can make a decision that people's deployment requirements are invalid, and should be ignored.

Whatever the solution is for EAP-TLS, no one will be perfectly happy. If the price for allowing some people to use long chains is that 5G has extra round trips, well...

>> Without fragmentation, EAP-TLS 1.3 is now worse than EAP-TLS 1.2 when it
>> comes to latency. They have the same number of roundtrips for full
>> handshake, but EAP-TLS 1.3 has one more for resumption. In practice, with a
>> typical 1500 MTU, EAP-TLS 1.3 is probably faster as long as certificate
>> compression (RFC8879, draft-mattsson-cose-cbor-cert-compress-06) are used.
>>
>> The suggestion from Jim to use application data was adopted

Initially. Recent discussion has suggested different ways to achieve the same goal. As a result, we cannot say that the suggestion is currently the consensus.

>> After Jim suggested to use application data, the commitment issue was not
>> discussed much more. Would e.g. using the reserved bits in the EAP-TLS
>> packet be possible or would that cause problems? I think an extra round-trip
>> is a sad conclusion to the EAP-TLS 1.3 work.

It would be much worse to tell people "you have to throw away your current systems and practices, because some people don't like them".

From an implementation point of view, draft-13 is fine for me. The open question is really whether or not we're changing that.

The TLS review so far seems to have stalled. Which means to me that the TLS feedback isn't important enough to finalize it. So we should just say "thanks", and stick with draft-13.

Alan DeKok.
