> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Bernard Aboba > Sent: Tuesday, April 29, 2008 12:50 PM > To: emu@ietf.org > Subject: Re: [Emu] EMU charter revision, > > In re-reading this charter, I still don't think we're quite there: > > a. Why is there still a charter item for EAP-TLS? This work > has been completed, no? > [Joe] Yes it has. I originally argued to keep it in the charter for historical reasons, but now it seems to make more sense to remove it.
> b. Attempting to extend EAP-TLS to support tunneling or > channel bindings is not appropriate. EAP-TLS already widely > deployed, with large investments in conformance tests. Given > the number of existing TLS-based tunneling protocols, such a > work item would serve no useful purpose. Let's focus on > adding channel binding support to tunnel methods. > [Joe] Jari had asked to keep this open to TLS. I think he was suggesting it could be done as a TLS extension and would not require tunneling. I agree that we do not want to extend EAP-TLS to do tunneling. How about: "- Enable a TLS-based EAP method to support channel bindings. This item will not generate a new method, rather it will focus on supporting EAP channel bindings within the tunnel method. The possiblity of adding channel bindings to EAP-TLS through a TLS extension or other standard TLS mechanism may also be investigated. " > c. To some extent, I agree with Dan and Yoav with respect to > the need for password-based methods. Had such methods been > available earlier, it's questionable whether TLS tunneling > would have taken off to the extent that it has. Also, I > think that such methods, if specified in the IETF, would be > likely to be widely deployed. However, on the other hand I > think that this is really an issue for the entire security > area, not just for EMU. So I'd suggest that this issue be > brought up in SAAG. > [Joe] I agree. > ===================================================================== > Below is a revision to the EMU charter that is intended to > reflect the discussions in the Philadelphia meeting. Please > respond to the list if you approve of the charter or if you > have any comments on the charter. > I would like to have responses by 4/24. > > Thanks, > Joe > > > > _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
