I do not understand the reason for Bernard's objection.  I looked at the 
minutes, and I do not find any rationale there.  Can you help?

Russ


> On Mar 9, 2020, at 5:59 AM, John Mattsson <john.matts...@ericsson.com> wrote:
> 
> Hi Russ,
> 
> Sorry for the late reply. I actually brought up your draft 
> [ID-ietf-tls-tls13-cert-with-extern-psk] during my EMU presentation at IETF 
> 106 as something that should probably be in EAP-TLS. Bernard Aboba then 
> expressed a very strong opinion that [ID-ietf-tls-tls13-cert-with-extern-psk] 
> should absolutely not be included in the EAP-TLS Type-Code 0x0D. After this 
> the WG decided as a way forward to specify EAP-TLS with PSK authentication in 
> a new draft.
> 
> Given these strong opinions from Bernard Aboba, and the wish to publish 
> draft-ietf-emu-eap-tls13 soon, I think the best way forward would be to specify 
> the use of [ID-ietf-tls-tls13-cert-with-extern-psk] in the same new draft as 
> EAP-TLS with PSK authentication. Does that sound like an acceptable way 
> forward?
> 
> Cheers,
> John
> 
> -----Original Message-----
> From: Russ Housley <hous...@vigilsec.com>
> Date: Monday, 13 January 2020 at 18:29
> To: John Mattsson <john.matts...@ericsson.com>
> Cc: EMU WG <emu@ietf.org>
> Subject: Late WGLC Comment on draft-ietf-emu-eap-tls13
> 
>    John:
> 
>    Section 2.1.1 says:
> 
>       Pre-Shared Key (PSK) authentication SHALL NOT be used except
>       for resumption.
> 
>    I would rather this say:
> 
>       Pre-Shared Key (PSK) authentication SHALL NOT be used except
>       for resumption or in conjunction with the "tls_cert_with_extern_psk"
>       extension [ID-ietf-tls-tls13-cert-with-extern-psk].
> 
>    Russ
> 
> 
> 

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
