Re: [Emu] EMU charter revision,

2008-04-30 Thread Hao Zhou (hzhou)
I like Bernard's text better. > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Bernard Aboba > Sent: Wednesday, April 30, 2008 7:54 PM > To: Joseph Salowey (jsalowey); emu@ietf.org > Subject: Re: [Emu] EMU charter revisi

Re: [Emu] EMU charter revision,

2008-04-30 Thread Joseph Salowey (jsalowey)
dnesday, April 30, 2008 4:54 PM > To: Joseph Salowey (jsalowey); emu@ietf.org > Subject: RE: [Emu] EMU charter revision, > > [Joe] Jari had asked to keep this open to TLS. I think he > was suggesting it could be done as a TLS extension and would > not require tunneling. I agr

Re: [Emu] EMU charter revision,

2008-04-30 Thread Bernard Aboba
[Joe] Jari had asked to keep this open to TLS. I think he was suggesting it could be done as a TLS extension and would not require tunneling. I agree that we do not want to extend EAP-TLS to do tunneling. How about: "- Enable a TLS-based EAP method to support channel bindings. This item will n

Re: [Emu] EMU charter revision,

2008-04-30 Thread Joseph Salowey (jsalowey)
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Bernard Aboba > Sent: Tuesday, April 29, 2008 12:50 PM > To: emu@ietf.org > Subject: Re: [Emu] EMU charter revision, > > In re-reading this charter, I still don't thi

Re: [Emu] EMU charter revision

2008-04-30 Thread Dan Harkins
Hi Hao, On Wed, April 30, 2008 9:34 am, Hao Zhou (hzhou) wrote: > Dan wrote: > >> The real thing holding up adoption of EAP-pwd as a work >> item is finishing work on the tunneled method. Which wouldn't >> be such a bad thing if we were further along towards that >> goal after Philly than we

Re: [Emu] EMU charter revision

2008-04-30 Thread Hao Zhou (hzhou)
; To: Hao Zhou (hzhou) > Cc: Dan Harkins; Yoav Nir; emu@ietf.org > Subject: RE: [Emu] EMU charter revision > > > Hao, > > On Mon, April 28, 2008 10:32 am, Hao Zhou (hzhou) wrote: > > Dan: > > > > Now you have changed to argue that tunnel method is not the rig

Re: [Emu] EMU charter revision,

2008-04-29 Thread Bernard Aboba
In re-reading this charter, I still don't think we're quite there: a. Why is there still a charter item for EAP-TLS? This work has been completed, no? b. Attempting to extend EAP-TLS to support tunneling or channel bindings is not appropriate. EAP-TLS already widely deployed, with large in

Re: [Emu] EMU charter revision

2008-04-29 Thread Yoav Nir
es (IKEv2, TLS, > etc.) if > the group wants to take this direction. What do you see lacking in > something like EAP-GTC? > > Cheers, > > Joe > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >> Behalf Of Yoav

Re: [Emu] EMU charter revision

2008-04-28 Thread Gene Chang (genchang)
978 Mobile: 781-799-0233 Skype: gene02421 > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gene > Chang (genchang) > Sent: Monday, April 28, 2008 3:44 PM > To: Dan Harkins > Cc: emu@ietf.org > Subject: Re: [Emu] EMU charter

Re: [Emu] EMU charter revision

2008-04-28 Thread Gene Chang (genchang)
02421 > -Original Message- > From: Dan Harkins [mailto:[EMAIL PROTECTED] > Sent: Monday, April 28, 2008 3:22 PM > To: Gene Chang (genchang) > Cc: Dan Harkins; Stephen Hanna; emu@ietf.org > Subject: RE: [Emu] EMU charter revision > > > Gene, > > I don't

Re: [Emu] EMU charter revision

2008-04-28 Thread Dan Harkins
expense of a > weak technical outcome. > > Gene > > > > Eugene Chang (genchang) > Cisco Systems > Office: 603-559-2978 > Mobile: 781-799-0233 > Skype: gene02421 > > > >

Re: [Emu] EMU charter revision

2008-04-28 Thread Joseph Salowey (jsalowey)
mailto:[EMAIL PROTECTED] On > Behalf Of Yoav Nir > Sent: Monday, April 28, 2008 5:13 AM > To: emu@ietf.org > Subject: Re: [Emu] EMU charter revision > > Gene Chang said: > > > > Dan, > I am not sure I am able to clearly understand the end > re

Re: [Emu] EMU charter revision

2008-04-28 Thread Dan Harkins
asked why are tunneled GTC and tunneled MD5 not OK; you asked what is the use case for EAP-pwd. I answered both: consistency principle and a need for robustness, respectively. Dan. >> -Original Message----- >> From: Dan Harkins [mailto:[EMAIL PROTECTED] >> Sent: Monday, Ap

Re: [Emu] EMU charter revision

2008-04-28 Thread Gene Chang (genchang)
genchang) > Cc: Dan Harkins; Stephen Hanna; emu@ietf.org > Subject: RE: [Emu] EMU charter revision > > > Hi Gene, > > I'm not pushing a tunneled method. We have enough of those and their > differences are not so great. > > Yes, I was using "snail r

Re: [Emu] EMU charter revision

2008-04-28 Thread Hao Zhou (hzhou)
ginal Message- > From: Dan Harkins [mailto:[EMAIL PROTECTED] > Sent: Monday, April 28, 2008 12:45 PM > To: Hao Zhou (hzhou) > Cc: Yoav Nir; emu@ietf.org > Subject: Re: [Emu] EMU charter revision > > > Hold on a second there Hao. A security proof was never a > requir

Re: [Emu] EMU charter revision

2008-04-28 Thread Dan Harkins
the three use case you cited, EAP-GTC or MD5 > doesn't meet the requirements, as they are all running inside an > authenticated and encrypted tunnel? > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Yoav Nir > Sent: Monday, April 28, 2008 8:13 AM

Re: [Emu] EMU charter revision

2008-04-28 Thread Dan Harkins
> > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Dan >> Harkins >> Sent: Monday, April 28, 2008 2:12 AM >> To: Stephen Hanna >> Cc: emu@ietf.org >> Subject: Re: [Emu] EMU charter revision >>

Re: [Emu] EMU charter revision

2008-04-28 Thread Hao Zhou (hzhou)
as they are all running inside an authenticated and encrypted tunnel? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yoav Nir Sent: Monday, April 28, 2008 8:13 AM To: emu@ietf.org Subject: Re: [Emu] EMU c

Re: [Emu] EMU charter revision

2008-04-28 Thread Gene Chang (genchang)
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yoav Nir Sent: Monday, April 28, 2008 8:13 AM To: emu@ietf.org Subject: Re: [Emu] EMU charter revision Gene Chang said: Dan, I am not sure I am able to clearly understand the end result you seek. It seems there is

Re: [Emu] EMU charter revision

2008-04-28 Thread Yoav Nir
Gene Chang said: Dan, I am not sure I am able to clearly understand the end result you seek. It seems there is a clear consensus for a tunneled method. Are you pushing for the addition of a tunneled method? Ok... I am easily baited. What would you like to see to achieve more than a snail race?

Re: [Emu] EMU charter revision

2008-04-28 Thread Gene Chang (genchang)
1-799-0233 Skype: gene02421 > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan > Harkins > Sent: Monday, April 28, 2008 2:12 AM > To: Stephen Hanna > Cc: emu@ietf.org > Subject: Re: [Emu] EMU charter revision > >

Re: [Emu] EMU charter revision

2008-04-27 Thread Dan Harkins
; Dan Harkins > Sent: Friday, April 25, 2008 5:43 PM > To: Joseph Salowey (jsalowey) > Cc: emu@ietf.org > Subject: Re: [Emu] EMU charter revision > > > Hi Joe, > > Once again, a call for comments and I'm the only one to comment. > > Whether removing that lin

Re: [Emu] EMU charter revision

2008-04-27 Thread Stephen Hanna
the issues and language have been hashed through many times. Thanks, Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Harkins Sent: Friday, April 25, 2008 5:43 PM To: Joseph Salowey (jsalowey) Cc: emu@ietf.org Subject: Re: [Emu] EMU charter revis

Re: [Emu] EMU charter revision

2008-04-25 Thread Dan Harkins
April 11, 2008 2:49 pm, Joseph Salowey (jsalowey) wrote: > > >> -Original Message- >> From: Dan Harkins [mailto:[EMAIL PROTECTED] >> Sent: Friday, April 11, 2008 10:38 AM >> To: Joseph Salowey (jsalowey) >> Cc: emu@ietf.org >> Subject: Re: [Emu] EMU

Re: [Emu] EMU charter revision

2008-04-11 Thread Joseph Salowey (jsalowey)
> -Original Message- > From: Dan Harkins [mailto:[EMAIL PROTECTED] > Sent: Friday, April 11, 2008 10:38 AM > To: Joseph Salowey (jsalowey) > Cc: emu@ietf.org > Subject: Re: [Emu] EMU charter revision > > > Hi Joe, > > Thank you for giving m

Re: [Emu] EMU charter revision

2008-04-11 Thread Dan Harkins
Hi Joe, Thank you for giving me the opportunity to object, once again, to the last sentence in the last item in the charter. If you were to run the following sed filter on the charter I would approve: s/This item will be based on the above tunnel method.// What is the process here? This

[Emu] EMU charter revision

2008-04-10 Thread Joseph Salowey (jsalowey)
Below is a revision to the EMU charter that is intended to reflect the discussions in the Philadelphia meeting. Please respond to the list if you approve of the charter or if you have any comments on the charter. I would like to have responses by 4/24. Thanks, Joe Description of Working Group:

Re: [Emu] EMU Charter revision

2008-03-03 Thread Glen Zorn
I agree with Bernard on all points. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernard Aboba Sent: Friday, February 22, 2008 2:54 AM To: emu@ietf.org Subject: Re: [Emu] EMU Charter revision

Re: [Emu] EMU Charter revision

2008-03-03 Thread Joseph Salowey (jsalowey)
Hi Bernard, Comments inline below: > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Bernard Aboba > Sent: Thursday, February 21, 2008 11:54 AM > To: emu@ietf.org > Subject: Re: [Emu] EMU Charter revision > > I also do NO

Re: [Emu] EMU Charter revision

2008-02-28 Thread Katrin Höper
Yoshi, I disagree. I think channel binding can and should be provided by EAP methods. An approach that can be used to add channel binding to any EAP method that supports mutual authentication and key establishment is outlined in: http://tools.ietf.org/id/draft-clancy-emu-aaapay-00.txt and htt

Re: [Emu] EMU Charter revision

2008-02-24 Thread Yoshihiro Ohba
I have an opinion about Channel Binding. Based on discussion to create RFC 4962 and draft-ietf-hokey-key-mgt, I came to believe that EAP method is not the right tool to solve the Channel Binding problem even if RFC 3748 has Channel Binding in its list of security claims on EAP method. This is bec

Re: [Emu] EMU charter revision

2008-02-23 Thread Joseph Salowey (jsalowey)
e password only method" such as the one proposed in the draft? Thanks, Joe > -Original Message- > From: Dorothy Stanley [mailto:[EMAIL PROTECTED] > Sent: Friday, February 22, 2008 8:25 AM > To: Joseph Salowey (jsalowey) > Cc: emu@ietf.org > Subject: Re: [Emu] EMU cha

Re: [Emu] EMU Charter revision

2008-02-23 Thread Bernard Aboba
In practice it is difficult to securely support self-signed certificates. There are several issues involved: a. Vulnerability to man-in-the-middle attack on initial provisioning. For wireless networks, this is a significant risk, more so than with protocols like SSH, where initial contact mi

Re: [Emu] EMU Charter revision

2008-02-23 Thread Dan Harkins
the wrong way to do that. > See for example the interesting work done in the KEYPROV working group. > >> For example, EAP FAST provisioning is vulnerable to man-in-the-middle >> attack or dictionary attack, which could be removed with use of "zero >> knowledge"

Re: [Emu] EMU Charter revision

2008-02-23 Thread Hannes Tschofenig
o man-in-the-middle > attack or dictionary attack, which could be removed with use of "zero > knowledge" algorithms. > Need to look at this aspect of the draft again. Ciao Hannes > Subject: AW: [Emu] EMU Charter revision > Date: Fri, 22 Feb 2008 15:34:56 +0100 > F

Re: [Emu] EMU Charter revision

2008-02-22 Thread Bernard Aboba
tionary attack, which could be removed with use of "zero knowledge" algorithms. Subject: AW: [Emu] EMU Charter revision Date: Fri, 22 Feb 2008 15:34:56 +0100 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; emu@ietf.org Hi Bernard, a question your excitement regarding strong p

Re: [Emu] EMU Charter revision

2008-02-22 Thread Dan Harkins
annot quite understand the motivation. >>> >>> Ciao >>> Hannes >>> >>> >>> >>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >>> Behalf Of ext Bernard Aboba >>> Sent:

Re: [Emu] EMU Charter revision

2008-02-22 Thread Hannes Tschofenig
___ >> >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >> Behalf Of ext Bernard Aboba >> Sent: Thursday, 21 February 2008 21:54 >> To: emu@ietf.org >> Subject: Re: [Emu] EMU Charter revision >> >

Re: [Emu] EMU Charter revision

2008-02-22 Thread Dan Harkins
rd Aboba > Sent: Thursday, 21 February 2008 21:54 > To: emu@ietf.org > Subject: Re: [Emu] EMU Charter revision > > > I also do NOT approve of the current charter revision, for > several reasons: > > a. The Charter text contains statements t

Re: [Emu] EMU charter revision

2008-02-22 Thread Dorothy Stanley
Joe, I do not approve of the charter revision; the charter should not prohibit the group from using a non-tunneled method for the password-based method. My previous mail gave a suggested charter text change. I can participate as a reviewer. Thanks, Dorothy Stanley On Tue, Feb 19, 2008 at 11:1

Re: [Emu] EMU Charter revision

2008-02-22 Thread Tschofenig, Hannes (NSN - FI/Espoo)
To: emu@ietf.org Subject: Re: [Emu] EMU Charter revision I also do NOT approve of the current charter revision, for several reasons: a. The Charter text contains statements that are no longer true. For example: "Most of thes

Re: [Emu] EMU Charter revision

2008-02-21 Thread Bernard Aboba
I also do NOT approve of the current charter revision, for several reasons: a. The Charter text contains statements that are no longer true. For example: "Most of these methods are proprietary methods and only a few methods are documented in RFCs." The following EAP methods are now documented

Re: [Emu] EMU charter revision

2008-02-19 Thread Dan Harkins
Hi Joe, I do NOT approve of the current charter revision, specifically the change that says the password-based method can only be via the tunneled method. I do approve of the inclusion of tunneled methods in the charter though and would be willing to contribute as a reviewer. regards, D

Re: [Emu] EMU charter revision

2008-02-19 Thread Stephen Hanna
, 2008 2:15 PM To: Joseph Salowey (jsalowey); emu@ietf.org Subject: Re: [Emu] EMU charter revision The response to the charter revision has been underwhelming. I am a bit concerned that we do not have enough participation to complete the tunnel method work (most of the recent discussion has been

Re: [Emu] EMU charter revision

2008-02-19 Thread Alan DeKok
Joseph Salowey (jsalowey) wrote: > Please respond to this message and state whether you approve of the > current charter revision and what capacity you would be willing to > contribute towards tunneled method development: contributor, reviewer or > not able to contribute. I approve of the char

Re: [Emu] EMU charter revision

2008-02-19 Thread Hao Zhou (hzhou)
lowey (jsalowey); emu@ietf.org > Subject: Re: [Emu] EMU charter revision > > The response to the charter revision has been underwhelming. > I am a bit concerned that we do not have enough participation > to complete the tunnel method work (most of the recent > discussion has be

Re: [Emu] EMU charter revision

2008-02-19 Thread Joseph Salowey (jsalowey)
The response to the charter revision has been underwhelming. I am a bit concerned that we do not have enough participation to complete the tunnel method work (most of the recent discussion has been about other methods). I would like to get an idea of the number of working group members that approv

Re: [Emu] EMU charter revision

2008-02-12 Thread Joseph Salowey (jsalowey)
working group interest in pursuing a method of this type. Cheers, Joe > -Original Message- > From: Dorothy Stanley [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 12, 2008 8:13 AM > To: Joseph Salowey (jsalowey) > Cc: emu@ietf.org > Subject: Re: [Emu] EMU charter re

Re: [Emu] EMU charter revision

2008-02-12 Thread Dorothy Stanley
Hi Joe, I have 3 comments, listed below. Thanks, Dorothy Stanley --- 1. 3rd list item: - A mechanism to support extensible communication within a TLS protected tunnel that meets RFC 3748 and RFC 4017 requirements. This mechanism must support channel bindings in order to

[Emu] EMU charter revision

2008-02-05 Thread Joseph Salowey (jsalowey)
Below is a revised charter update based on the discussion on the list. I have left the password based method item as a tunnel method because this represents the consensus the working group has reached. I also believe the working group will have to focus on the tunnel method related items for the n