On Jul 28, 2021, at 12:26 PM, Dan Harkins <dhark...@lounge.org> wrote: > Assuming everything can be assigned a username and a password is what is > wrong.
Yes. That was intended to be just an example, though. > If you're concerned about *standard* EAP methods being used in *standard* ways > then think about what we're proposing: > > 1. No change to RFC 7170 > 2. No change to RFC 8773 > 3. No change to RFC 7250 > 4. a new name assignment from a name registry created by an I-D (soon to be > RFC) That's good. One of the goals of my draft was minimal changes to existing systems. For example, the TEAP RFC is ~7 years old, and based on 3-4 years of work before that. Yet it was only recently that people started implementing it, and discovered serious issues. > So what we're proposing is using an EAP method in a way in it was defined and > using > TLS to authenticate it using tools which were defined to authenticate TLS. > We're just > proposing to use those tools in a new way. Yup. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
