Dear all,

We had submitted a new version before the deadline. This version should address most of the comments received during the last call. Here is the diff for your convenience: https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12.

In particular:

- we have removed some of the text in the section on HRR and preventing fragmentation that was repeated from RFC8446 and draft-ietf-emu-eaptlscert: https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/15
- we have tried to make the usage of EAP-TLS peer vs. EAP peer vs. EAP-TLS client more consistent. Note that RFC5216 had used a mixture of these terms interchangeably. The terminology section now also says "The term EAP-TLS peer is used for the entity acting as EAP peer and TLS client. The term EAP-TLS server is used for the entity acting as EAP server and TLS server.".
- we have now clarified the discrepancy between the "Commitment Message" sending one byte of encrypted application data vs. the statement "EAP-TLS does not protect any application data" in Section 2.4.
- we have updated the text on revocation checking based on the recent discussion.

Let us know if there are some issues that still need to be addressed.

John and Mohit

On 11/3/20 12:26 AM, internet-dra...@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the EAP Method Update WG of the IETF.
>
>         Title           : Using EAP-TLS with TLS 1.3
>         Authors         : John Preuß Mattsson
>                           Mohit Sethi
>         Filename        : draft-ietf-emu-eap-tls13-12.txt
>         Pages           : 30
>         Date            : 2020-11-02
>
> Abstract:
>    This document specifies the use of EAP-TLS with TLS 1.3 while
>    remaining backwards compatible with existing implementations of EAP-
>    TLS.  TLS 1.3 provides significantly improved security, privacy, and
>    reduced latency when compared to earlier versions of TLS.  EAP-TLS
>    with TLS 1.3 further improves security and privacy by mandating use
>    of privacy and revocation checking.  This document also provides
>    guidance on authorization and resumption for EAP-TLS in general
>    (regardless of the underlying TLS version used).  This document
>    updates RFC 5216.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-12
> https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-tls13-12
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
>
> _______________________________________________
> Emu mailing list
> Emu@ietf.org
> https://www.ietf.org/mailman/listinfo/emu