On Oct 30, 2019, at 5:02 AM, Eliot Lear <l...@cisco.com> wrote: > A fair argument, if it can be made, and I am not convinced it has been fully > expressed, is the idea that there is no context by which one can separate > fast restart and initial authentication. This is Alan’s concern. I’m not > saying it’s without merit, but what I cannot yet see is whether it is an > implementation or a protocol matter.
I believe it's a protocol matter. In TLS 1.3, PSK handshakes are the same as resumption handshakes. It's not clear to me how this issue was addressed when using TLS 1.3 with HTTPS. But I do believe it's an issue there, too. As an additional note, I believe it's also important that draft-dekok-emu-tls-eap-types be published at the same time as the EAP-TLS document. The only unknown there is FAST and TEAP. I'm happy to remove them from the document. But at this point it's not even a WG document. There's not even consensus that the document necessary, which surprises me rather a lot. Because password-based EAP methods are *much* more wide-spread than EAP-TLS. If the IETF publishes EAP-TLS without simultaneously rev'ing TTLS and PEAP, it will not only look bad, it will *be* bad. And the industry press will (rightfully) lambast the standards process. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
