Re: [Emu] Client Auth with TLS

2012-10-11 Thread Stefan Winter
gt; >>>> Thanks for the input. >>>> >>>> For the authors, >>>> >>>> Does this need to be documented as a mode of operation for TEAP or are >>>> we >>>> going to say that this is not a supported mode? >>>>

Re: [Emu] Client Auth with TLS

2012-10-10 Thread Jim Schaad
> To: Jim Schaad > Cc: Stefan Winter; > Subject: Re: [Emu] Client Auth with TLS > > > On Oct 9, 2012, at 9:35 AM, Jim Schaad wrote: > > > > > > >> -Original Message- > >> From: Joseph Salowey (jsalowey) [mailto:jsalo...@cisco.com] >

Re: [Emu] Client Auth with TLS

2012-10-09 Thread Joseph Salowey (jsalowey)
On Oct 9, 2012, at 9:35 AM, Jim Schaad wrote: > > >> -Original Message- >> From: Joseph Salowey (jsalowey) [mailto:jsalo...@cisco.com] >> Sent: Monday, October 08, 2012 9:23 PM >> To: Jim Schaad >> Cc: Stefan Winter; >> Subject: Re: [Emu]

Re: [Emu] Client Auth with TLS

2012-10-09 Thread Jim Schaad
> -Original Message- > From: Joseph Salowey (jsalowey) [mailto:jsalo...@cisco.com] > Sent: Monday, October 08, 2012 9:23 PM > To: Jim Schaad > Cc: Stefan Winter; > Subject: Re: [Emu] Client Auth with TLS > > I think it is worthwhile to support an mode of oper

Re: [Emu] Client Auth with TLS

2012-10-09 Thread Hao Zhou (hzhou)
8:43 PM, Jim Schaad wrote: >> >>> Stefan, >>> >>> Thanks for the input. >>> >>> For the authors, >>> >>> Does this need to be documented as a mode of operation for TEAP or are >>>we >>> going to say that this i

Re: [Emu] Client Auth with TLS

2012-10-09 Thread Stefan Winter
t;>> From: emu-boun...@ietf.org [mailto:emu-boun...@ietf.org] On Behalf Of >>> Stefan Winter >>> Sent: Wednesday, October 03, 2012 11:10 PM >>> To: emu@ietf.org >>> Subject: Re: [Emu] Client Auth with TLS >>> >>> Hi, >>> &g

Re: [Emu] Client Auth with TLS

2012-10-09 Thread Alan DeKok
Joseph Salowey (jsalowey) wrote: > I think it is worthwhile to support an mode of operation that supports peer > privacy. I've seen this implemented in tunnel methods in two different > ways. One with renegotiation as described below and the other as an inner > EAP-TLS exchange after an anony

Re: [Emu] Client Auth with TLS

2012-10-08 Thread Joseph Salowey (jsalowey)
mailto:emu-boun...@ietf.org] On Behalf Of >> Stefan Winter >> Sent: Wednesday, October 03, 2012 11:10 PM >> To: emu@ietf.org >> Subject: Re: [Emu] Client Auth with TLS >> >> Hi, >> >>> 3. The client provides the certificate in a protected manner

Re: [Emu] Client Auth with TLS

2012-10-07 Thread Jim Schaad
an Winter > Sent: Wednesday, October 03, 2012 11:10 PM > To: emu@ietf.org > Subject: Re: [Emu] Client Auth with TLS > > Hi, > > > 3. The client provides the certificate in a protected manner - I had > > a problem at this point because I don't know enough TLS to

Re: [Emu] Client Auth with TLS

2012-10-03 Thread Stefan Winter
Hi, > 3. The client provides the certificate in a protected manner - I had a > problem at this point because I don't know enough TLS to properly go through > this scenario, and I could not really read documents while driving. If the > encrypted certificate extension was used, then there is no is

[Emu] Client Auth with TLS

2012-10-03 Thread Jim Schaad
This issue is one that I was dealing with while driving grapes back from the vineyard yesterday. I don't know that it needs to have any changes in the draft. I am putting this out to see if there is any controversy on the decisions that I would make about this issue. The client is going to use c