Chair hat on: The draft needs to be formally adopted as a working group item before moving to last call.
Chair hat off: I support the adoption of this draft as a working group item. This is a charter item and the draft is simple enough to move forward rather quickly. The code has been updated in the wpa_supplicant and hostapd: https://w1.fi/cgit/hostap/commit/?id=1c16b257a081e810caf2ca0926ff4f9e2bb9557c https://w1.fi/cgit/hostap/commit/?id=5eefa8115b884f8ab45ac6521f66dc68f555dcd0 John provided a review here: https://mailarchive.ietf.org/arch/msg/emu/fHopSdLqMY37odPGvwn7M5ZksIw and Jouni made a comment here: https://mailarchive.ietf.org/arch/msg/emu/MX7P367g4j2c3yuyqch3W-I3u_o I have a couple of comments: I think it would really help to document the fact that the Session-Id length for EAP-SIM is different for full authentication and fast re-authentication. That's because for full authentication, the Session-Id is: Session-Id = 0x12 || RAND || NONCE_MT and RFC 4186 says that EAP server should obtain n GSM triplets where n = 2 or n = 3. So the length is either: 1 (Method-Id) + 32 (RAND*2) +16 (NONCE_MT) = 49 or 1 (Method-Id) + 48 (RAND*3) + 16 (NONCE_MT) =65. However, in fast-reauthentication, the Session-Id is: Session-Id = 0x12 || NONCE_S || MAC So the length is: 1 (Method-Id) + 16 (NONCE_S) + 16 (MAC) = 33 I found it surprising while implementing that the Session-Ids were different in lengths. My next question is about Session-Id for PEAP. The draft currently defines Session-Id for EAP-PEAP as: Session-Id = 0x19 || client.random || server.random). Do you plan to update this for TLS 1.3 and use TLS-Exporter in your other draft: draft-dekok-emu-tls-eap-types? Do we need to do this twice in separate drafts? --Mohit On 5/22/19 7:42 PM, Alan DeKok wrote: Draft is here: https://tools.ietf.org/html/draft-dekok-emu-eap-session-id-00 This is a charter item: https://datatracker.ietf.org/wg/emu/about/ - Define session identifiers for fast re-authentication for EAP-SIM, EAP-AKA, and EAP-AKA’. The lack of this definition is a recently discovered bug in the original RFCs. There have been minimal comments on the document. What comments have been received are supportive. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org<mailto:Emu@ietf.org> https://www.ietf.org/mailman/listinfo/emu
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
