On Sep 7, 2022, at 12:57 AM, Joseph Salowey <j...@salowey.net> wrote: > I think we need to have some review of the EAP-FAST and TEAP sections before > publication. If we can't get the review then maybe we should remove those > sections. Is someone willing to step up and review these sections of the > draft, preferably who has implementation experience?
I don't know of anyone who's implemented TLS 1.3 for FAST or TEAP. The TEAP implementors are still working on interoperability for earlier versions of TLS. i.e. there are pending patches to hostap / wpa_supplicant which help it interoperate with Windows. I would suggest that the sections be left in, even if there is no feedback from implementors. Perhaps add a warning to the sections saying "This is what is proposed, but at this time there is no implementation experience". If it works, great. If not, it's probably a minor errata. The TEAP RFC was in exactly this situation for many years before people started implementing it. I would argue that's ample precedent for saying "either people don't care, or it doesn't matter. Just publish it" It's better to have guidance which is mostly correct (but might be incorrect), than to give no guidance. That makes it effectively impossible for implementors to upgrade to TLS 1.3. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
