Hi,
I have reviewed the document. I think it is ready. There is interest to use
these methods in 5G. TLS 1.3 is a must going forward.
Comments:
- The MAC function in section 2.2 is not defined. I assume it should be HMAC.
Suggestion:
OLD
For TLS 1.3, the hash function used is the same as the
ciphersuite hash function negotiated for HKDF in the key schedule, as
per section 7.1 of RFC 8446.
NEW
For TLS 1.3, MAC is HMAC using the ciphersuite hash function negotiated for
HKDF in the key schedule, as per section 7.1 of RFC 8446.
- "As the outer identity is simply an anonymous routing identifier"
"The outer identity contains an NAI realm, which ensures that
the inner authentication method is routed to the correct destination."
Is this section talking about two different "outer identities"? The identity
in the identity response is a routing identifier. Security properties like
"ensures" are given by the identity in the TLS server certificate (to my
understanding).
Editorial comments:
- The RFC style guide RFC 7322 states that the abstract must not contain
citations.
- draft-ietf-emu-eap-tls13 is now RFC 9190. Some text in abstract and intro
should be updated from "is being updated" to "has been updated".
- Section 1 Introduction should say something like "This document updates those
methods in order to use the new key derivation methods available in TLS 1.3."
The current formulations are "we wish" and "it is necessary".
- "MSK and EMSK are then derived",
Suggestion "The outer MSK and EMSK are then derived"
- "Unlike previous TLS versions, TLS 1.3 can continue negotiation after the
initial TLS handshake has been completed"
Previous TLS versions had renegotiation.
- OLD
but less interest in EAP-FAST and TTLS.
NEW
but less interest in EAP-FAST and TEAP.
- "do not provide for protected success and failure indicators as part of the
outer TLS exchange."
Could be good to inform the reader that the TLS alerts are still sent (I
assume) but not used by EAP.
- "concatetation"
"cloude"
"changover"
"deriviation"
"authenticaton"
"succeeed"
"identies" (several places)
"ciphersuite" (TLS uses the spelling cipher suite)
"NewSessionTicketMessage" (NEW: NewSessionTicket message)
Cheers,
John
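An added illustration of the MAC comment above (not part of John's message or of the draft): the MAC is HMAC keyed with the same hash that the negotiated TLS 1.3 cipher suite selects for HKDF, alongside HKDF-Expand-Label from RFC 8446, Section 7.1, so both demonstrably share one hash. The cipher suite names are those of RFC 8446; `eap_tls13_mac` is a hypothetical helper name.

```python
import hashlib
import hmac
import struct

# Hash negotiated with each TLS 1.3 cipher suite (RFC 8446, Appendix B.4).
# This one hash drives HKDF in the key schedule and, per the suggested
# NEW text, the MAC used by the EAP method.
CIPHER_SUITE_HASH = {
    "TLS_AES_128_GCM_SHA256": hashlib.sha256,
    "TLS_AES_256_GCM_SHA384": hashlib.sha384,
    "TLS_CHACHA20_POLY1305_SHA256": hashlib.sha256,
    "TLS_AES_128_CCM_SHA256": hashlib.sha256,
    "TLS_AES_128_CCM_8_SHA256": hashlib.sha256,
}


def hkdf_extract(hash_fn, salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): HMAC(salt, IKM); empty salt means zeros."""
    if not salt:
        salt = b"\x00" * hash_fn().digest_size
    return hmac.new(salt, ikm, hash_fn).digest()


def hkdf_expand_label(hash_fn, secret: bytes, label: str,
                      context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label as defined in RFC 8446, Section 7.1."""
    full_label = b"tls13 " + label.encode("ascii")
    hkdf_label = (struct.pack("!H", length)
                  + struct.pack("!B", len(full_label)) + full_label
                  + struct.pack("!B", len(context)) + context)
    # HKDF-Expand (RFC 5869) with the suite hash: T(i) = HMAC(T(i-1)|info|i)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(secret, block + hkdf_label + bytes([counter]),
                         hash_fn).digest()
        out += block
        counter += 1
    return out[:length]


def eap_tls13_mac(cipher_suite: str, key: bytes, data: bytes) -> bytes:
    """MAC = HMAC(key, data) using the cipher suite's HKDF hash (hypothetical
    helper name; the draft's section 2.2 is what it is meant to pin down)."""
    return hmac.new(key, data, CIPHER_SUITE_HASH[cipher_suite]).digest()
```

The HKDF-Extract and "derived" values for an all-zero PSK match the RFC 8448 traces, which is a quick way to check a local implementation of the key schedule.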
From: Emu <[email protected]> on behalf of Joseph Salowey <[email protected]>
Date: Friday, 18 February 2022 at 18:19
To: EMU WG <[email protected]>
Subject: [Emu] Working Group Last Call for TLS-based EAP types and TLS 1.3
This is a working group last call for TLS-based EAP types and TLS 1.3. The
document is available here:
https://datatracker.ietf.org/doc/draft-ietf-emu-tls-eap-types/
Please review the document and provide comments by March 4, 2022
Thanks,
Joe and Mohit
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu