On Mar 11, 2020, at 9:38 AM, John Mattsson wrote:
> What does "avoid having multiple EAP types" refer to?
>
> Does this mean you would like to avoid "EAP-TLS (certs), and another for
> EAP-TLS (everything else)", even If you can accept it
That's fine.
> Or are you saying that you want to avo
hat you want to avoid EAP-TLS (cert), EAP-TLS (psk), EAP-TLS
(pwd), etc
John
-Original Message-
From: Alan DeKok
Date: Wednesday, 11 March 2020 at 12:26
To: John Mattsson
Cc: Russ Housley , Mohit Sethi M
, EMU WG
Subject: Re: [Emu] Late WGLC Comment on draft-ietf-emu-eap-tls13
On Mar 11, 2020, at 9:03 AM, Owen Friel (ofriel) wrote:
>
> Alan,
> How should we interpret this in RFC 5216
> https://tools.ietf.org/html/rfc5216#section-2.1.1:
...
> Does this statement pretty much precludes the certificateless TLS 1.2
> ciphersuites, i.e. the extern PSK ones from right?
WG
Subject: Re: [Emu] Late WGLC Comment on draft-ietf-emu-eap-tls13
On Mar 11, 2020, at 4:01 AM, John Mattsson
wrote:
>
> If I remember correctly, Bernard stated that the indroduction of PSK could
> weaken the implementation and violate the security proofs of EAP-TLS. I don't
On Mar 11, 2020, at 4:01 AM, John Mattsson
wrote:
>
> If I remember correctly, Bernard stated that the indroduction of PSK could
> weaken the implementation and violate the security proofs of EAP-TLS. I don't
> really agree with Bernard, but I am fine with resticting the type code 0x0D
> to c
everything that TLS 1.3 supports)
>
> I sympatise with earlier comments in the group that EAP should mostly be a
> transport for TLS and that the decisions of which authentication methods to
> support should be taken by the TLS WG.
>
> Cheers,
> John
>
> -----Original
mostly be a
transport for TLS and that the decisions of which authentication methods to
support should be taken by the TLS WG.
Cheers,
John
-Original Message-
From: Russ Housley
Date: Tuesday, 10 March 2020 at 18:48
To: Mohit Sethi M
Cc: John Mattsson , EMU WG
Subject: Re: [Emu] Late
Thanks for the pointer.
I am fine with the proposed way forward.
Russ
> On Mar 10, 2020, at 12:43 PM, Mohit Sethi M
> wrote:
>
> Hi Russ,
>
> You can listen here: https://youtu.be/YJLG4JUftqI?t=1144
>
> We plan to support it in EAP-TLS-PSK instead:
> https://tools.ietf.org/html/draft-matt
Hi Russ,
You can listen here: https://youtu.be/YJLG4JUftqI?t=1144
We plan to support it in EAP-TLS-PSK instead:
https://tools.ietf.org/html/draft-mattsson-emu-eap-tls-psk-00. We have
already added a reference to draft-ietf-tls-tls13-cert-with-extern-psk
and plan to use it. I think using an ext
I do not understand the reason for Bernard's objection. I looked at the
minutes, and I do not find any rationale there. Can you help?
Russ
> On Mar 9, 2020, at 5:59 AM, John Mattsson wrote:
>
> Hi Russ,
>
> Sorry for the late reply. I actually brought up your draft
> [ID-ietf-tls-tls13-ce
Hi Russ,
Sorry for the late reply. I actually brought up your draft
[ID-ietf-tls-tls13-cert-with-extern-psk] during my EMU presentation at IETF 106
as something that should probably be in EAP-TLS. Bernard Aboba then expressed a
very strong opinion that [ID-ietf-tls-tls13-cert-with-extern-psk] s
11 matches
Mail list logo