On Mar 1, 2021, at 5:26 AM, Mohit Sethi M <mohit.m.se...@ericsson.com> wrote:
> FYI: the latest update of wolfSSL (February 16, 2021) now claims to implement 
> RFC 5705: Keying Material Exporters for TLS. See: 
> https://github.com/wolfSSL/wolfssl/blob/ef916df1b1f9f9678fe7787e3b864a4b015fe569/README.md#wolfssl-release-470-february-16-2021

  That's good.

> The reason for moving the Type-Code to the label was also based on Ben and 
> Martin's comments. Ben's IESG review for example notes:
> 
>> Section 2.3
>> 
>> The use of a constant 0x0D (the "Type-Code") as the TLS-Exporter context
>> is rather unusual; per RFC 8446 this value is intended to be a
>> "per-association context value provided by the application using the
>> exporter" per RFC 5705 -- this value is not a per-association value but
>> rather a global one.

  The issue is what can we use for "per-association context value".

  EAP runs over PPP, Ethernet, RADIUS, PANA, IKEv2, ...

  There is literally no per-association context value which can be used.  So 
our choices here are:

1) leave context empty, and have per-type key labels

2) use type-code as the context, and use a constant label across EAP types

  There appears to be consensus among implementors that (2) is preferred.

  Alan DeKok.

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
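
The two choices listed in the message above, worked through the TLS 1.3 exporter of RFC 8446 section 7.5, as an added example that is not part of the original mail or of any implementation mentioned in it. The label string, its per-type suffix, the stand-in exporter secret and the second type code are constructed for illustration; only the 0x0D Type-Code comes from the thread.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand from RFC 5869."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label from RFC 8446 section 7.1."""
    full_label = b"tls13 " + label
    info = (length.to_bytes(2, "big")
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def tls13_exporter(exporter_master_secret: bytes, label: bytes,
                   context: bytes, length: int) -> bytes:
    """TLS-Exporter from RFC 8446 section 7.5."""
    # The label selects a per-label secret (Derive-Secret over an empty transcript).
    derived = hkdf_expand_label(exporter_master_secret, label,
                                HASH(b"").digest(), HASH_LEN)
    # The context value is hashed and bound into the final expansion.
    return hkdf_expand_label(derived, b"exporter", HASH(context).digest(), length)

# Constructed stand-in; a real value comes out of the TLS 1.3 key schedule.
EMS = bytes(range(32))
LABEL = b"EXPORTER_EXAMPLE_Key_Material"  # hypothetical label, not from the thread

def option1(type_code: int, length: int = 64) -> bytes:
    """Choice 1: empty context, per-type label (hypothetical suffix scheme)."""
    return tls13_exporter(EMS, LABEL + b"_%02X" % type_code, b"", length)

def option2(type_code: int, length: int = 64) -> bytes:
    """Choice 2: Type-Code as context, one constant label across EAP types."""
    return tls13_exporter(EMS, LABEL, bytes([type_code]), length)

if __name__ == "__main__":
    # 0x0D is the Type-Code quoted in the thread; 0x15 is a second code for comparison.
    for code in (0x0D, 0x15):
        print(f"{code:#04x} opt1={option1(code)[:8].hex()} opt2={option2(code)[:8].hex()}")
```

Both choices give each EAP type its own keying material from the same TLS session; they differ only in whether the type enters at the label step or at the context step of the derivation.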
