Hi, We have submitted the following new draft to address the issue of linking reauthentication in EAP-AKA' FS, pointed out in Section 7.6 of RFC 9678.
The draft updates the TEKs with forward security, so that the delivery and usage of the reauthentication IDs become secure against attackers who compromised the long-term key. Your comments and reviews are the most appreciated. Cheers, Guilin & Zhongding 发件人:[email protected] <[email protected]<mailto:[email protected]>> 收件人:Wang Guilin <[email protected]<mailto:[email protected]>>;Wang Guilin <[email protected]<mailto:[email protected]>>;Lei Zhongding (Zander) <[email protected]<mailto:[email protected]>>;Lei Zhongding (Zander) <[email protected]<mailto:[email protected]>> 时 间:2026-03-03 11:28:46 主 题:New Version Notification for draft-wang-emu-fs-reauth-00.txt A new version of Internet-Draft draft-wang-emu-fs-reauth-00.txt has been successfully submitted by Guilin Wang and posted to the IETF repository. Name: draft-wang-emu-fs-reauth Revision: 00 Title: Forward Secure Reauthentication in the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA') Date: 2026-03-02 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-wang-emu-fs-reauth-00.txt Status: https://datatracker.ietf.org/doc/draft-wang-emu-fs-reauth/ HTML: https://www.ietf.org/archive/id/draft-wang-emu-fs-reauth-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-wang-emu-fs-reauth Abstract: This draft specifies an update to RFC 9678, "Forward Secrecy Extension to the Improved Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS)", and its predecessors RFC 9048, RFC 5448, and RFC 4187. This update enables forward security of the Transient EAP Keys (TEKs) for protecting EAP packets, which are not in EAP-AKA' FS. Based on this extension, the executions of reauthentication after a full authentication will be unlinkable to each other and then the privacy of end users is enhanced. This udapte is optional to the above standards. The IETF Secretariat
_______________________________________________ Emu mailing list -- [email protected] To unsubscribe send an email to [email protected]
