We have updated the draft according to the discussions and suggestions at IETF 
102:

- The Session-Id now starts with the prefix 0x0D as in RFC 5216 (as suggested 
by Bernard Aboba). This also makes the Session-Id 65 bytes long as in RFC 5216.

   Method-Id    = TLS-Exporter("EXPORTER_EAP_TLS_Method-Id", "", 64)
   Session-Id   = 0x0D || Method-Id

- The EAP server now commits to not sending any more handshake messages (Finished 
or a Post-Handshake) by sending an empty TLS record (as suggested by Jim Schaad).

                                             TLS Finished,
                        <--------            TLS empty record)

- A new section "EAP State Machines" has been added discussing the mechanism with 
the empty TLS record. After sending an empty application data record, the EAP 
server may only send an EAP-Success, an EAP-Failure, or an EAP-Request with a 
TLS Alert Message. This should be like RFC 5216, where the EAP peer during 
resumption cannot know if its authentication will be successful or generate a 
TLS alert (Section 2.1.2 of RFC 5216).

- Two new sections on privacy and pervasive monitoring have been added to the 
security considerations section. I will add text to them before Bangkok, mostly 
referring to the considerations in TLS 1.3.

Comments and feedback on the new version are very welcome.

Cheers,
John

On 2018-09-19, 08:35, "internet-dra...@ietf.org" <internet-dra...@ietf.org> 
wrote:


A new version of I-D, draft-ietf-emu-eap-tls13-01.txt
has been successfully submitted by John Mattsson and posted to the
IETF repository.

Name:           draft-ietf-emu-eap-tls13
Revision:       01
Title:          Using EAP-TLS with TLS 1.3
Document date:  2018-09-18
Group:          emu
Pages:          19
URL:            https://www.ietf.org/internet-drafts/draft-ietf-emu-eap-tls13-01.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/
Htmlized:       https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-01
Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-tls13
Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-01

Abstract:
   This document specifies the use of EAP-TLS with TLS 1.3 while
   remaining backwards compatible with existing implementations of EAP-
   TLS.  TLS 1.3 provides significantly improved security, privacy, and
   reduced latency when compared to earlier versions of TLS.  This
   document updates RFC 5216.

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat


_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
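The Session-Id derivation described in the message above, worked through in code. This is an added example, not code from the draft or from the author; it implements TLS-Exporter exactly as RFC 8446 Section 7.5 defines it (HKDF-Expand-Label over a secret derived from exporter_master_secret), using only the Python standard library. The exporter_master_secret is a constructed test value, SHA-256 is assumed as the handshake hash, and the exporter context is the empty string as in this draft revision. Note that the label, context and lengths were revised in later drafts and in the published RFC, so the values here illustrate draft -01 only.

```python
"""Derive the EAP-TLS (TLS 1.3) Session-Id from draft-ietf-emu-eap-tls13-01:

    Method-Id  = TLS-Exporter("EXPORTER_EAP_TLS_Method-Id", "", 64)
    Session-Id = 0x0D || Method-Id

TLS-Exporter is implemented per RFC 8446 Section 7.5. All secrets below are
constructed test data, not values taken from a real handshake.
"""
import hashlib
import hmac
import struct

EAP_TLS_TYPE = b"\x0d"  # EAP method type 13 (EAP-TLS); also the Session-Id prefix
METHOD_ID_LABEL = b"EXPORTER_EAP_TLS_Method-Id"
METHOD_ID_LEN = 64


def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM); empty salt -> zeros."""
    if not salt:
        salt = b"\x00" * hashlib.new(hash_name).digest_size
    return hmac.new(salt, ikm, hash_name).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    hash_len = hashlib.new(hash_name).digest_size
    if length > 255 * hash_len:
        raise ValueError("requested output too long for HKDF-Expand")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int,
                      hash_name: str = "sha256") -> bytes:
    """HKDF-Expand-Label (RFC 8446 7.1); the HkdfLabel struct is built inline."""
    full_label = b"tls13 " + label
    if len(full_label) > 255 or len(context) > 255:
        raise ValueError("label or context too long for HkdfLabel")
    hkdf_label = (struct.pack("!H", length)
                  + bytes([len(full_label)]) + full_label
                  + bytes([len(context)]) + context)
    return hkdf_expand(secret, hkdf_label, length, hash_name)


def derive_secret(secret: bytes, label: bytes, messages: bytes,
                  hash_name: str = "sha256") -> bytes:
    """Derive-Secret (RFC 8446 7.1): context is Transcript-Hash(messages)."""
    h = hashlib.new(hash_name, messages)
    return hkdf_expand_label(secret, label, h.digest(), h.digest_size, hash_name)


def tls_exporter(exporter_master_secret: bytes, label: bytes, context_value: bytes,
                 key_length: int, hash_name: str = "sha256") -> bytes:
    """TLS-Exporter (RFC 8446 7.5):
    HKDF-Expand-Label(Derive-Secret(Secret, label, ""), "exporter",
                      Hash(context_value), key_length)"""
    derived = derive_secret(exporter_master_secret, label, b"", hash_name)
    ctx_hash = hashlib.new(hash_name, context_value).digest()
    return hkdf_expand_label(derived, b"exporter", ctx_hash, key_length, hash_name)


def eap_tls_session_id(exporter_master_secret: bytes, hash_name: str = "sha256") -> bytes:
    """Session-Id = 0x0D || Method-Id, 65 bytes as in RFC 5216 (draft -01 inputs)."""
    method_id = tls_exporter(exporter_master_secret, METHOD_ID_LABEL, b"",
                             METHOD_ID_LEN, hash_name)
    return EAP_TLS_TYPE + method_id


if __name__ == "__main__":
    # Constructed exporter_master_secret (32 bytes for SHA-256), not a real one.
    ems = bytes(range(32))
    sid = eap_tls_session_id(ems)
    print(len(sid), sid.hex())
```

Run stand-alone it prints the 65-byte Session-Id for the constructed secret; the leading byte is always 0x0D and the remaining 64 bytes are the Method-Id, so two peers that hold the same exporter_master_secret derive the same value without any additional exchange.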
