On Tue, 27 Sep 2022, at 13:25, internet-dra...@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the EAP Method Update WG of the IETF.
>
>    Title    : TLS-based EAP types and TLS 1.3
>    Author   : Alan DeKok
>    Filename : draft-ietf-emu-tls-eap-types-09.txt
>    Pages    : 21
>    Date     : 2022-09-27

For TEAP (and similarly for FAST) we need to do more than just state "PACs are dead use NewSessionTicket"[1].

Crucially what goes into 'ticket'? Is this value just the PAC-TLV and parsed by the peer to extract the PSK identity? If so this would rub up against the 'opaque label' nature of the field.

I think we should describe how to use the 'extensions' field and define an 'ExtensionType' for our PAC-TLV[2].

We also need to state that some of those sub-attributes are handled differently:

 * PAC-Key: replaced by internal TLS library magic
 * PAC-Opaque: replaced by value of 'NewSessionTicket.ticket'?
 * PAC-Info
 * PAC-Lifetime: replaced by ticket_lifetime+ticket_add_add
 * A-ID: still used
 * I-ID: still used
 * A-ID-Info: still used
 * PAC-Type: still used
 * PAC-Acknowledgement: no longer used

Thanks

[1] https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1
[2] https://www.rfc-editor.org/rfc/rfc7170.html#section-4.2.12
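
One reading of the proposal in the message above, as an added example (not from the message or from any draft): a parser that leaves `NewSessionTicket.ticket` opaque and reads only the attributes listed as "still used" from an extension. The extension codepoint `0xFFA0`, the choice to carry raw PAC attributes as the extension data, and all sample values are assumptions.

```python
import struct
PAC_INFO_EXT = 0xFFA0  # hypothetical ExtensionType, not an assigned codepoint
# PAC attribute types the message lists as "still used" (numbers: RFC 7170, 4.2.12)
PAC_ATTRS = {4: "A-ID", 5: "I-ID", 7: "A-ID-Info", 10: "PAC-Type"}

class Reader:  # bounds-checked cursor over TLS-style length-prefixed fields
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated structure")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def uint(self, size):
        return int.from_bytes(self.take(size), "big")
    def vec(self, len_size):
        return self.take(self.uint(len_size))
    def done(self):
        return self.pos == len(self.data)

def parse_new_session_ticket(body):  # RFC 8446 4.6.1 layout; 'ticket' stays opaque
    r = Reader(body)
    nst = {"ticket_lifetime": r.uint(4), "ticket_age_add": r.uint(4),
           "ticket_nonce": r.vec(1), "ticket": r.vec(2), "extensions": {}}
    exts = Reader(r.vec(2))
    if not nst["ticket"] or not r.done():
        raise ValueError("empty ticket or trailing bytes")
    while not exts.done():
        ext_type = exts.uint(2)
        nst["extensions"][ext_type] = exts.vec(2)
    return nst

def parse_pac_attrs(blob):  # PAC attributes: 2-byte type, 2-byte length, value
    r, attrs = Reader(blob), {}
    while not r.done():
        attr_type, value = r.uint(2), r.vec(2)
        if attr_type not in PAC_ATTRS:  # e.g. PAC-Key (1) must not appear
            raise ValueError(f"PAC attribute {attr_type} not allowed here")
        attrs[PAC_ATTRS[attr_type]] = value
    return attrs

def tlv(t, v):
    return struct.pack("!HH", t, len(v)) + v

def build_sample():  # constructed sample message, not captured traffic
    pac = tlv(4, b"authority-1") + tlv(5, b"peer@example.org") + tlv(10, b"\x00\x01")
    ext = tlv(PAC_INFO_EXT, pac)
    return (struct.pack("!IIBBH", 7200, 0x01020304, 1, 0, 32) + bytes(range(32))
            + struct.pack("!H", len(ext)) + ext)
```

The peer never looks inside `ticket`; everything it needs for identity selection comes from the extension, and a PAC-Key attribute arriving there is rejected instead of being silently accepted.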