On Jun 11, 2021, at 9:56 AM, Mohit Sethi M <[email protected]> wrote: > > I guess you know that there are several implementations of the draft > some of which are already deployed.
While that's a nice comment telling me what I already know, it doesn't address my point. The fact that implementations exist does not mean that the specification is sufficient to create an implementation. The implementors have had many "behind the scenes" discussions about how to implement EAP-TLS 1.3. The outcome of those discussions was shared among implementors. That information is largely what enabled inter-operability. Information which is not all reflected in the document. I have suggested repeatedly that the document contain sufficient information to create a secure and inter-operable implementation. It's not clear to me why these suggestions have been ignored, or rejected. > It is of course nice to strive for perfection. That comment misrepresents my position. > Could you please submit a pull request addressing your > unaddressed comments. I gave suggested text in my messages. These comments were largely ignored across multiple reviews. This is not how we should work towards consensus. If the goal of this document is simply to get it published, then I withdraw all of my objections. Implementors will then share extra knowledge behind the scenes. If the goal of this document is to enable secure and inter-operable implementations, then it would be useful to address comments from major implementors. Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
