Re: [Emu] Re: Thoughts on Password-based EAP Methods

To: "Bernard Aboba" <bernard_aboba at hotmail.com>

Subject: Re: [Emu] Re: Thoughts on Password-based EAP Methods

Date: Wed, 28 Mar 2007 23:58:46 +0200

Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=CnBaMK6oJ07BWt8+PmMrHbsV8o8raY//V8MWIO1bMhnDs2dbTzuhZydHSsjSHczPZt/MzNwA1HQQuFvv3p6hnlIX+alZFs34IlasXtrbnm19iVhY7h4vqoftuCtcQXGWCsOqS+NFJfs7FMS9Pr1DQilpI9eBk+K30gzzuPZjo1Q=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=tolFe2+ES2mqu9WzghP9UH0IzAXOltdfTIWnwSD6ddIDP1gqm5tfF2GyvA9AF3iSbwt+jw1D3xuNUJFEx/DfU8tam3U/D7JAL0AP7addl3otHHzhIcMy8J2sJYXjl64TF59eZB4PtkGJGtMJfVLzx/DpUomOCvAjCA3d9R5J/fA=

In-reply-to: <BAY117-F228605DE3DFC09EAFDDFA936D0@phx.gbl>

List-archive: <http://www1.ietf.org/pipermail/emu>

List-help: <mailto:emu-request@ietf.org?subject=help>

List-id: "EAP Methods Update \(EMU\)" <emu.ietf.org>

List-post: <mailto:emu@ietf.org>

List-subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>

List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>

References: <BAY117-F228605DE3DFC09EAFDDFA936D0@phx.gbl>

Does it need to recharter?

Best regards,

Badra

On 3/28/07, Bernard Aboba <bernard_aboba at hotmail.com> wrote:

The latest EAP-TTLSv0 draft is available here:
http://www.watersprings.org/pub/id/draft-funk-eap-ttls-v0-00.txt

In terms of publication interest, back in the fall Jari Arkko had announced
a program to encourage widely implemented EAP methods to publish their
specifications  as RFCs.  As I recall, there was interest to publish
EAP-FAST (in the RFC Editor queue), PEAPv0 (documentation currently being
revised for submission as an Internet Draft).   I don't know the current
status of the EAP-TTLSv0 publication effort (e.g. whether publication has
been requested or not).   Steve Hanna might know.

In terms of history, EAP-TTLSv0 was accepted as a Standards Track work item
of the PPPEXT WG prior to the formation of the EAP WG.  It has been
implemented on a wide variety of platforms including open source versions
for Windows (http://www.securew2.com/) and Linux
(http://open1x.sourceforge.net/ ).  Interoperability of EAP-TTLSv0
implementations is currently certified by the WFA.

In terms of features that would be needed to meet EMU WG requirements, I
think we are probably talking about crypto-binding and channel binding.  It
is possible that there may be other features needed for some scenarios (e.g.
mutual certificate authentication for a device/machine plus user auth for
scenarios currently discussed within WiMAX Forum and 3GPP2).

_______________________________________________ Emu mailing list Emu at ietf.org https://www1.ietf.org/mailman/listinfo/emu

Re: [Emu] Re: Thoughts on Password-based EAP Methods

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.