Hello,
On Fri, Sep 09, 2022 at 05:35:26PM -0400, Alan DeKok wrote:
> I guess the argument is that those are the labels that are used in TEAP
> (without exporter) and the same labels are used by EAP-FAST (with different
> method ID). My main concern is that the labels are somewhat generic (session
> key seed, session key generating function) which might lead to confusion.
> It's a balance between that, and changing them to something different just for
> TLS 1.3.
> Given the minimal feedback from implementors, I'd be inclined to change as
> little as possible.

I for one appreciate the labels being made all the same; the
implementations in hostapd and FreeRADIUS make it easier to just vary
'Type'.

It also sets a precedent for future methods and maybe even TLS
versions.

Changing a label constant is less effort than moving from a PRF to
TLS-Exporter and including 'Type' as context. I do not really think
tweaking the contents of a label is an issue.

When reading specs, I really appreciate the presence of a section on
"differences to earlier versions" and this draft has that in the form of
Section 2.1. Once published, RFC7170 will gain an 'updated by RFCwxyz'
and implementers will find this information.

Personally, I find the contents of all labels in RFCs meaningless and
just treat them as constants that I am expected to push into my crypto
key generating sausage machine.

I rely on the *variable* naming far more than the values or functions
that generate them. The variable naming guides me how to derive the
answer and having fewer constants just makes this process easier.

Thanks
Alex