On Sep 19, 2019, at 2:27 AM, Jim Schaad <i...@augustcellars.com> wrote: > > I am going to come down on the side of no PSK should not be supported. > However my issues have nothing to do with how things are implemented and > more to do with the security properties of the EAP method.
I'm leaning that way myself. I'm not opposed in principle, but it looks like other options have better properties. > When you use certificates, there is no leakage of who the client is as this > is encrypted by TLS. When you use a restore session ticket, it is possible > to limit the number of times that the ticket can be used (for example once). > The PSK identity is public and unprotected so it can be used to track. If > one is using PSK for the purpose of authentication then that value will > always be visible to intermediate parties for the purpose of tracking. > This can be slightly mitigated by using restore session tickets with PSK, > but you are going to send that PSK identifier over the wire many times. i.e. the only secure way to use PSK is one-time authentication, as per Owen's IoT use-case. If we do allow it, there's just no question that people will abuse it. That for me is a strong reason to forbid it. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu