Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-10-11 Thread Eliot Lear
> On 11 Oct 2019, at 16:09, Michael Richardson wrote: > > So, can wired just be a degenerate version of wifi, where there can be only > one "ESSID", and there are no beacons to consider? On the whole that has been my thought. But it is a matter of which mechanism to degenerate to. Is it

Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-10-11 Thread Michael Richardson
Eliot Lear wrote: >> Eliot Lear wrote: >>> Before we nail this down, it seems like we need to have a discussion >>> about how best to onboard wired IoT devices in particular from an >>> on-prem view. The issue here is that EAP-TLS-PSK is useful for that >>> purpose, as we

Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-10-11 Thread Eliot Lear
> On 11 Oct 2019, at 13:04, Michael Richardson wrote: > > > Eliot Lear wrote: >> Before we nail this down, it seems like we need to have a discussion >> about how best to onboard wired IoT devices in particular from an >> on-prem view. The issue here is that EAP-TLS-PSK is useful for that

Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-10-11 Thread Michael Richardson
Eliot Lear wrote: > Before we nail this down, it seems like we need to have a discussion > about how best to onboard wired IoT devices in particular from an > on-prem view. The issue here is that EAP-TLS-PSK is useful for that > purpose, as we discussed. Now there is nothing

Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-10-11 Thread Mohit Sethi M
I am aware that Openssl has support for external PSK. The Selfie attack was demonstrated using this Openssl implementation: https://eprint.iacr.org/2019/347 However, the github issue you posted is still helpful. If I understand the resolution of this issue: Openssl will first check for a valid