Document: draft-ietf-emu-bootstrapped-tls
Title: Bootstrapped TLS Authentication with Proof of Knowledge (TLS-POK)
Reviewer: Marc Blanchet
Review result: Ready with Nits
Hello,
I've been asked to provide a review of draft-ietf-emu-bootstrapped-tls
>From the ART directorate. I'm no security expert
A couple of typo and other, mostly minor, fixes follow. In regards to
clarifications, the use of salt in Section '3.1 External PSK Derivation' is
unclear but should be easy to clarify.
Section '1.3. EAP Network Access'
Suggest a small terminology update:
s/perform an EAP-TLS-based exchange/per
draft-ietf-emu-bootstrapped-tls-06 is clearly written. I've mainly worked
on EAP server side implementations and I think the document describes the
TLS-POK handshake, and how to prepare for it, clearly enough. A couple of
notes follow:
TLS based EAP methods
+++
My understanding is
rkins ; emu ; Owen Friel (ofriel)
Subject: Re: [Emu] draft-ietf-emu-bootstrapped-tls
Hi Owen, Hi Dan,
thanks for the response and for the clarification.
Here is my proposal for improving the wording of the document.
First, there is a little bit of inconsistency in the terminology.
The Bootstra
Hi Owen, Hi Dan,
thanks for the response and for the clarification.
Here is my proposal for improving the wording of the document.
First, there is a little bit of inconsistency in the terminology.
The Bootstrap Key (BSK) is defined as the public and private key pair.
In Section 2 you use th
started using RFC 9258.
We missed the IETF 116 draft cutoff date, but will get draft-03 out after the
meeting.
Thanks,
Owen
-Original Message-
From: Emu On Behalf Of Dan Harkins
Sent: Wednesday 22 March 2023 19:12
To: Hannes Tschofenig ; emu
Subject: Re: [Emu] draft-ietf-emu-bootstrapped
Hi Hannes,
Sorry for the delay in responding
On 3/4/23 9:31 AM, Hannes Tschofenig wrote:
Hi Owen, Hi Dan,
[snip]
Here is what I have expected to see in the draft given that RFC 9258
already defines the derivation of the epskx and the ipskx provided a few
inputs. Here is what the RFC
Hi Owen, Hi Dan,
Thanks for the recent -02 draft update, which addresses a few of my
remarks in my review
https://mailarchive.ietf.org/arch/msg/emu/VNCAFb4BTTOib27s1gIXUOEn_ng/
My question about the relationship with RFC 9258 was not answered and
hence I am giving it another try.
Here is wha
Hi all,
I have a question about the alignment between the text in Section 3.1 of
draft-ietf-emu-bootstrapped-tls-01 and RFC 9258.
RFC 9258 describes how to import external PSKs for use with TLS 1.3.
It does so by defining a function with three inputs, namely an external
identity, an EPSK, and a
:14
To: emu@ietf.org
Subject: [Emu] draft-ietf-emu-bootstrapped-tls
Hi all,
I have a simple question regarding draft-ietf-emu-bootstrapped-tls-01
Do you see the scope of this specification limited to the use for wired network
access? In Section 2.1 you describe the story as "use DPP if the d
.
-Original Message-
From: Emu On Behalf Of Hannes Tschofenig
Sent: Tuesday 13 December 2022 10:14
To: emu@ietf.org
Subject: [Emu] draft-ietf-emu-bootstrapped-tls
Hi all,
I have a simple question regarding draft-ietf-emu-bootstrapped-tls-01
Do you see the scope of this specification
Hi all,
I have a simple question regarding draft-ietf-emu-bootstrapped-tls-01
Do you see the scope of this specification limited to the use for wired network
access? In Section 2.1 you describe the story as "use DPP if the device
bootstraps against a Wi-Fi network, or TLS-POK if the device boot
12 matches
Mail list logo
