RE: [Emu] Crypto-binding in TTLS-v0

"Hao Zhou \(hzhou\)" <hzhou@cisco.com> Wed, 22 August 2007 06:18 UTC

To: Lakshminath Dondeti <ldondeti@qualcomm.com>, Alan DeKok <aland@deployingradius.com>
Cc: Sam Hartman <hartmans-ietf@mit.edu>, emu@ietf.org

Lakshminath:

Do you mean channel binding, not "compound binding"? I thought
crypto-binding is "compound-binding".

I think publishing a "widely" deployed EAP method is orthogonal to
publishing a new method meeting the EMU charter. I agree publishing the
existing method as deployed is something that needs to be done quickly. I am
still doubtful that adding the extra stuff required to meet the charter
(crypto-binding, crypto-agility, synchronized result indication,
internationalization) to the existing method can be done without
breaking backward compatibility. If it indeed breaks it, then the argument
that TTLS is widely deployed doesn't stand anymore. The new method or new
version of the old method still needs to be implemented and deployed.

> -----Original Message-----
> From: Lakshminath Dondeti [mailto:ldondeti@qualcomm.com] 
> Sent: Wednesday, August 22, 2007 12:45 AM
> To: Alan DeKok
> Cc: Sam Hartman; emu@ietf.org
> Subject: Re: [Emu] Crypto-binding in TTLS-v0
> 
> I would like to see the crypto-binding stuff (not compound 
> binding -- as others have noted, we don't have consensus on 
> that topic) and extensibility (how to add new attributes) specified.
> 
> That should not take more than 1-2 months to write-up, review 
> and finalize :).  That should also be least disruptive to 
> existing implementations.  I would also like to see TTLS-v0 
> published very soon.
> 
> regards,
> Lakshminath
> 
> On 8/21/2007 9:38 PM, Alan DeKok wrote:
> > Sam Hartman wrote:
> >> So, if EMU is going to base its work on something existing, it is 
> >> probably important for EMU to take on the entire method.
> > 
> >   If consensus is to use EAP-TTLS, then I would suggest publishing the
> > base EAP-TTLS document pretty much as-is as a standards-track document.
> >    The additional EMU requirements can be addressed in a separate
> > document.
> >
> >   This process lets us get something done quickly.  I would prefer to
> > avoid spending years talking about a new EAP method, followed by years
> > of trying to get it widely deployed.
> > 
> >   Alan DeKok.
> > 
> > _______________________________________________
> > Emu mailing list
> > Emu@ietf.org
> > https://www1.ietf.org/mailman/listinfo/emu