Re: [Emu] I-D Action: draft-ietf-emu-rfc7170bis-02.txt

On Jan 9, 2023, at 2:43 AM, Alexander Clouter wrote: Fixed, unless otherwise noted / discussed. > Section 3.3.1 - EAP Sequences > > * "Upon completion of each EAP method in the tunnel, the server MUST send an > Intermediate-Result TLV indicating the result of the inner EAP method. The

[Emu] emu - New Meeting Session Request for IETF 116

A new meeting session request has just been submitted by Peter E. Yee, a Chair of the emu working group. - Working Group Name: EAP Method Update Area Name: Security Area Session Requester: Peter Yee Number of Sessions: 1 Length of

Re: [Emu] I-D Action: draft-ietf-emu-rfc7170bis-02.txt

On Mon, 9 Jan 2023 at 09:43, Alexander Clouter wrote: Section 3.8.3 - Server Unauthenticated Provisioning Mode > > "Phase 2 EAP methods used in Server Unauthenticated Provisioning Mode MUST > provide mutual authentication, provide key generation, and be resistant to > dictionary attack. Example

Re: [Emu] Proposed resolution for TEAP errata 5767

On Jan 8, 2023, at 10:39 PM, Joseph Salowey wrote: > > Since this errata is about aligning terminology throughout the document I > propose that this resolution would be "Hold for Update" since it would > require editorial changes throughout the document. We would still need to > resolve this

Re: [Emu] Meta Issue (Re: I-D Action: draft-ietf-emu-rfc7170bis-02.txt)

On Jan 9, 2023, at 2:53 AM, Eliot Lear wrote: > > My suggestion is that this draft not be moved to WGLC until we have working > code in hostap for it. Even better if FR and ISE also match and can test > against MSFT. We've pushed changes into hostap, and Jouni has also done some work.

Re: [Emu] Resolution for TEAP Errata 5128

On Mon, 9 Jan 2023, at 14:11, Heikki Vatiainen wrote: >> On a related note, whilst we are here, it does raise the question on how we >> got: >> >> "...the length is 64 octets..." and "First 32 octets of TLS-PRF(...)" >> >> The '0x00 || 0x40' (64 network order 16bit length concatenation) looks

Re: [Emu] Resolution for TEAP Errata 5128

On Mon, 9 Jan 2023 at 10:57, Alexander Clouter wrote: Problem is this section has the instruction "generate 64 bytes, use the > first 32..." and after personally getting tripped up[1] on the different > though used with TLS-Exporter which for TLSv1.3 now generates wildly > different outputs

Re: [Emu] I-D Action: draft-ietf-emu-rfc7170bis-02.txt

On Thu, 5 Jan 2023, at 20:13, internet-dra...@ietf.org wrote: > Title : Tunnel Extensible Authentication Protocol (TEAP) Version 1 > Filename: draft-ietf-emu-rfc7170bis-02.txt > Pages : 101 <-- "now available over the counter to deal with > insomnia..." > Date

Re: [Emu] Meta Issue (Re: I-D Action: draft-ietf-emu-rfc7170bis-02.txt)

On Mon, 9 Jan 2023, at 07:53, Eliot Lear wrote: > My suggestion is that this draft not be moved to WGLC until we have > working code in hostap for it.  Even better if FR and ISE also match and > can test against MSFT. FreeRADIUS interops with Win10/11 and hostapd (wpa_supplicant/eapol_test)

Re: [Emu] Resolution for TEAP Errata 5128

On Mon, 9 Jan 2023, at 03:34, Joseph Salowey wrote: > The definition of the TLS-PRF is given in 5246 as: > > PRF(secret, label, seed) = P_(secret, label | seed) > > This construction only defines 3 parameters and does not define a length. I > don't think current implementations include the