Re: [Emu] TEAP erratum 5775

2023-01-03 Thread Joseph Salowey
On Tue, Jan 3, 2023 at 9:14 AM Alexander Clouter wrote: > On Tue, 3 Jan 2023, at 14:16, Eliot Lear wrote: > > My expectation is that you use the EMSK from the outer-TLS authentication > to do this calculation. > > However, I now understand your point about the *value* of doing this. > Generating

Re: [Emu] TEAP erratum 5775

2023-01-03 Thread Alexander Clouter
On Tue, 3 Jan 2023, at 14:16, Eliot Lear wrote: >> My expectation is that you use the EMSK from the outer-TLS authentication to >> do this calculation. >> >> However, I now understand your point about the *value* of doing this. >> Generating a Cryptobinding on the outer-TLS authentication does n

Re: [Emu] TEAP erratum 5775

2023-01-03 Thread Eliot Lear
Hi Alexander, On 03.01.23 14:40, Alexander Clouter wrote: On Tue, 3 Jan 2023, at 08:20, Eliot Lear wrote: My use case is IOT.  I'm interested in two states: * Nominal: everything looks very similar to EAP-TLS. * Exceptional: a new certificate or a new trust anchor or something else is

Re: [Emu] TEAP erratum 5775

2023-01-03 Thread Alexander Clouter
On Tue, 3 Jan 2023, at 08:20, Eliot Lear wrote: > My use case is IOT. I'm interested in two states: > > * Nominal: everything looks very similar to EAP-TLS. > * Exceptional: a new certificate or a new trust anchor or something else is > needed. In which case, I would expect the server to push

Re: [Emu] TEAP erratum 5775

2023-01-03 Thread Eliot Lear
Hi Alexander! Zooming down: On 02.01.23 12:10, Alexander Clouter wrote: Fewer conditionals/branching points in implementations? At the moment the rule is "start with S-IMCK[0]" and then both:  * mix in MSK goodness and track that progression  * mix in EMSK goodness and track that progression

Re: [Emu] TEAP erratum 5775

2023-01-02 Thread Oleg Pekar
After implementing EAP-FAST and TEAP, I see a big value in simplifying the protocol state machine. If we draw a state machine diagram and it can be placed on a relatively small piece of [virtual] paper and clearly readable - it is much better for the implementers. Thus I would vote for keeping a co

Re: [Emu] TEAP erratum 5775

2023-01-02 Thread Alexander Clouter
On Thu, 1 Dec 2022, at 13:44, Eliot Lear wrote: > The proposed change is as follows: > > > >> 4.2.13. Crypto-Binding TLV >> >> The Crypto-Binding TLV is used to prove that both the peer and server >> participated in the tunnel establishment and sequence of authentications. It >> also provides

[Emu] TEAP erratum 5775

2022-12-01 Thread Eliot Lear
Hi, I am reviewing the errata on GitHub and would like to close on them.  The first one I am addressing is 5775, which can be found on the RFC Editor page at https://www.rfc-editor.org/errata/eid5775.  Joe's proposed fix can be viewed at https://github.com/emu-wg/teap-errata/commit/6fdcc5b155