If we are going back to an encrypted application message with 0x00, how do we update the draft to make it clear that the commitment message is encrypted? Several people understood that 0x00 was supposed to not be encrypted. Is something incorrect in draft-ietf-emu-eap-tls13-10, or it there just a need to add a note like:
"Note that in TLS 1.3, all application data including the Commitment Message is protected through authenticated encryption."? John -----Original Message----- From: Alan DeKok <al...@deployingradius.com> Date: Tuesday, 22 September 2020 at 15:17 To: Jorge Vergara <jover...@microsoft.com> Cc: John Mattsson <john.matts...@ericsson.com>, Mohit Sethi M <mohit.m.se...@ericsson.com>, Benjamin Kaduk <ka...@mit.edu>, EMU WG <emu@ietf.org> Subject: Re: [Emu] Commitment Message handling in EAP-TLS 1.3 On Sep 17, 2020, at 12:44 PM, Jorge Vergara <jover...@microsoft.com> wrote: > > Does anyone else have any other thoughts on this? I'm not a TLS expert but > similarly value the TLS Fatal Alerts over using close_notify. If we will be > losing alerts then I would favor switching back to 0x00. In the absence of further discussion, I would suggest staying with 0x00. I'll go poke some code. :) Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
