Alan DeKok <al...@deployingradius.com> writes:
> https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tunnel-method/
Section 5.3:
The Compound MAC computation is as follows:
CMK = CMK[j]
Compound-MAC = HMAC-HASH( CMK, BUFFER )
where j is the number of the last successfully executed inner EAP
method, HASH is the default hash function or the alternative hash
function negotiated in TLS 1.2 [RFC5246], and BUFFER is created after
concatenating these fields in the following order:
TLS may negotiate MACs that are not based on HMAC. Am I missing some
context here, or should this really be something like:
The Compound MAC computation is as follows:
CMK = CMK[j]
Compound-MAC = MAC( CMK, BUFFER )
where j is the number of the last successfully executed inner EAP
method, MAC is the MAC function negotiated via TLS 1.2 [RFC5246], and
BUFFER is created after concatenating these fields in the following
order:
Section 5.1:
derivation is "teap seesion key seed". The length of the session key
Is this typo intentional? I see it repeated in the IANA considerations
as well.
/Simon
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
