On Oct 5, 2022, at 12:44 PM, Eliot Lear <l...@lear.ch> wrote: > >> >> &TL;DR need clarity on how crypto-binding TLVs when there is no inner EAP >> method. Also note the use of request-action. >> >> Key questions: what value to pass for EMSK and MSK in crypto binding >> response when there is no inner method? Zeros? >> >> Also, can the flags indicate that there is no EMSK or MSK? This would solve >> our first problem.
Both approaches seem reasonable. >> Finally, are we cool piggybacking Result and Crypto-binding on a PKCS#7 TLV? >> >> Flows follow: >> Use case 1: >> >> Device just wants to use TEAP in the same way one would use EAP-TLS. This >> would be what I would call "normal operations". That is, we would expect >> something along the following lines: What additions are there from EAP-TLS? Provisioning? >> Note the lack of an Intermediate Result TLV, because the text states that >> Intermediate Results are only required upon completion of an inner EAP >> method. I think that's reasonable. >> The second use case involves the use of PKCS#10/PKCS#7 messages. We think >> that looks like this: That seems OK, too. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
