Hi Hannes,
Thanks for the follow up. I have submitted a new version which should
address your concerns. Here is a diff for your convenience:
https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eaptlscert-05
Please see in-line for details.
I believe that the draft is now ready for publication.
-
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.
Title : Handling Large Certificates and Long Certificate
Chains in TLS-based EAP Methods
Authors : Mohit Sethi
Hi Hannes,
On 6/12/20 11:29 AM, Hannes Tschofenig wrote:
A short follow-up on my own review:
I wrote:
"
Pre-Shared Key (PSK) authentication SHALL NOT be used except
for resumption.
"
What you want to say that that EAP-TLS MUST NOT use external PSKs. I wonder why
you want to rule that use
Hi Hannes,
Unfortunately you are wrong here. The design decision was in fact taken to
avoid changes to the underlying TLS implementation while also avoiding changes
to RFC 3748. To summarize:
Jouni Malinen pointed out that mapping session resumption of TLS 1.3 to EAP-TLS
is non-trivial. See hi
Hi Mohit,
Thanks for the super-detailed response.
Give me till tomorrow to parse your response. Glad to hear that you talked
about this topic already.
Ciao
Hannes
From: Mohit Sethi M
Sent: Monday, June 15, 2020 3:52 PM
To: Hannes Tschofenig ; emu@ietf.org
Subject: Re: [Emu] Commitment Message
A new meeting session request has just been submitted by Liz Flynn, on behalf
of the emu working group.
-
Working Group Name: EAP Method Update
Area Name: Security Area
Session Requester: Liz Flynn
Number of Sessions: 1
Length of Sessi
