Re: [Emu] Crypto-binding in TTLS-v0

[Lakshminath Dondeti]

Yeah, sorry.  I meant channel binding.

I am not necessarily tying TTLS-v0 with the password-based EMU method 
deliverable.  If the extensibility is there, that decision could be 
separated from the much needed publication of TTLS-v0.

regards,
Lakshminath

On 8/21/2007 11:17 PM, Hao Zhou (hzhou) wrote:
Lakshminath:

Do you mean channel binding, not "compound binding"? I thought
crypto-binding is "compound-binding".

I think publishing a "widely" deployed EAP method is orthogonal to
publishing a new method meeting EMU charter. I agree publishing the
existing method as deployed is something needs to be done quickly. I am
still doubtful that adding the extra stuff required to meet the charter
(crypto-binding, crypto-agility, synchronized result indication,
internationalization), to the existing method can be done without
breaking backward compatibility.  If indeed breaks it, then the argument
of TTLS is widely deployed doesn't stand anymore. The new method or new
version of the old method still needs to be implemented and deployed.

-----Original Message-----
From: Lakshminath Dondeti [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 22, 2007 12:45 AM
To: Alan DeKok
Cc: Sam Hartman; emu@ietf.org
Subject: Re: [Emu] Crypto-binding in TTLS-v0

I would like to see the crypto-binding stuff (not compound 
binding -- as others have noted, we don't have consensus on 
that topic) and extensibility (how to add new attributes) specified.

That should not take more than 1-2 months to write-up, review 
and finalize :).  That should also be least disruptive to 
existing implementations.  I would also like to see TTLS-v0 
published very soon.

regards,
Lakshminath

On 8/21/2007 9:38 PM, Alan DeKok wrote:
Sam Hartman wrote:
So, if EMU is going to base its work on something existing, it is 
probably important for EMU to take on the entire method.
  If consensus is to use EAP-TTLS, then I would suggest 
publishing the 
base EAP-TTLS document pretty much as-is as a 
standards-track document.
   The additional EMU requirements can be addressed in a 
separate document.
  This process lets us get something done quickly.  I would 
prefer to 
void spending years talking about a new EAP method, 
followed by years 
of trying to get it widely deployed.

  Alan DeKok.

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu



_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu