Re: [Emu] I-D Action: draft-ietf-emu-eap-tls13-12.txt
Hi Hannes, In short: yes. At least I have encountered similar processes in the TLS working group (i.e., authors opening and closing issues based on mailing list reviews). We are sorry if you are not happy with the current processes. We are of course at your service. How would you like us to change? Do you have some better experience from other working groups? Perhaps you could consider writing a draft on github issue tracking best practices for the IETF? RFC 8875 currently doesn't mandate any specific policy for issue tracking: https://tools.ietf.org/html/rfc8875 We had opened issues mostly as an aid for us to keep track of the feedback received on the mailing list. Anyone is free to create new issues for various drafts that belong to this working group. For example, Alan Dekok opened an issue: https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/11 which was closed by John (one of the authors) after addressing the issue. You can obviously comment on a closed issue if you feel it is not adequately addressed or alternatively open a new issue. Also, while most of the drafts from this working group are available in github, the EMU working group has also recently published RFC 8940 (https://tools.ietf.org/html/rfc8940) which was not edited on github. At least so far EMU has chosen not to be too process oriented. Anyhow, I hope we can make progress on draft-ietf-emu-eap-tls13. --Mohit On 11/9/20 3:11 PM, Hannes Tschofenig wrote: > Hi Mohit, > > I am not quite sure how the process for Github issues works in this group. It > seems that you create the issues based on reviews, then you address them > yourself in the draft and you then close the issue yourself. > Is this how it works? > > Ciao > Hannes > > > -Original Message- > From: Emu On Behalf Of Mohit Sethi M > Sent: Monday, November 9, 2020 2:08 PM > To: emu@ietf.org > Subject: Re: [Emu] I-D Action: draft-ietf-emu-eap-tls13-12.txt > > Dear all, > > We had submitted a new version before the deadline. This version should > address most of the comments received during the last call. Here is the diff > for your convenience: > https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12. > > In particular: > > - we have removed some of text in the section on HRR and preventing > fragmentation that was repeated from RFC8446 and > draft-ietf-emu-eaptlscert: > https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/15 > > - we have tried to make the usage of EAP-TLS peer vs. EAP peer vs. > EAP-TLS client more consistent. Note that RFC5216 had used a mixture of these > terms interchangeably. The terminology section now also says "The term > EAP-TLS peer is used for the entity acting as EAP peer and TLS client. The > term EAP-TLS server is used for the entity acting as EAP server and TLS > server.". > > - we have now clarified the discrepancy between the "Commitment Message" > sending one byte of encrypted application data vs. the statement "EAP-TLS > does not protect any application data" in Section 2.4. > > - we have updated the text on revocation checking based on the recent > discussion. > > Let us know if there are some issues that still need to be addressed. > > John and Mohit > > On 11/3/20 12:26 AM, internet-dra...@ietf.org wrote: >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the EAP Method Update WG of the IETF. >> >> Title : Using EAP-TLS with TLS 1.3 >> Authors : John Preuß Mattsson >> Mohit Sethi >> Filename: draft-ietf-emu-eap-tls13-12.txt >> Pages : 30 >> Date: 2020-11-02 >> >> Abstract: >> This document specifies the use of EAP-TLS with TLS 1.3 while >> remaining backwards compatible with existing implementations of EAP- >> TLS. TLS 1.3 provides significantly improved security, privacy, and >> reduced latency when compared to earlier versions of TLS. EAP-TLS >> with TLS 1.3 further improves security and privacy by mandating use >> of privacy and revocation checking. This document also provides >> guidance on authorization and resumption for EAP-TLS in general >> (regardless of the underlying TLS version used). This document >> updates RFC 5216. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/ >> >> There are also htmlized versions available at: >> https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-12 >> https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-tls13-12 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12 >> >> >> Please note that it may take a couple of minutes from the time of >> submission until the htmlized version and diff are available at >> tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >>
Re: [Emu] I-D Action: draft-ietf-emu-eap-tls13-12.txt
Hi Mohit, I am not quite sure how the process for Github issues works in this group. It seems that you create the issues based on reviews, then you address them yourself in the draft and you then close the issue yourself. Is this how it works? Ciao Hannes -Original Message- From: Emu On Behalf Of Mohit Sethi M Sent: Monday, November 9, 2020 2:08 PM To: emu@ietf.org Subject: Re: [Emu] I-D Action: draft-ietf-emu-eap-tls13-12.txt Dear all, We had submitted a new version before the deadline. This version should address most of the comments received during the last call. Here is the diff for your convenience: https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12. In particular: - we have removed some of text in the section on HRR and preventing fragmentation that was repeated from RFC8446 and draft-ietf-emu-eaptlscert: https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/15 - we have tried to make the usage of EAP-TLS peer vs. EAP peer vs. EAP-TLS client more consistent. Note that RFC5216 had used a mixture of these terms interchangeably. The terminology section now also says "The term EAP-TLS peer is used for the entity acting as EAP peer and TLS client. The term EAP-TLS server is used for the entity acting as EAP server and TLS server.". - we have now clarified the discrepancy between the "Commitment Message" sending one byte of encrypted application data vs. the statement "EAP-TLS does not protect any application data" in Section 2.4. - we have updated the text on revocation checking based on the recent discussion. Let us know if there are some issues that still need to be addressed. John and Mohit On 11/3/20 12:26 AM, internet-dra...@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the EAP Method Update WG of the IETF. > > Title : Using EAP-TLS with TLS 1.3 > Authors : John Preuß Mattsson >Mohit Sethi > Filename: draft-ietf-emu-eap-tls13-12.txt > Pages : 30 > Date: 2020-11-02 > > Abstract: > This document specifies the use of EAP-TLS with TLS 1.3 while > remaining backwards compatible with existing implementations of EAP- > TLS. TLS 1.3 provides significantly improved security, privacy, and > reduced latency when compared to earlier versions of TLS. EAP-TLS > with TLS 1.3 further improves security and privacy by mandating use > of privacy and revocation checking. This document also provides > guidance on authorization and resumption for EAP-TLS in general > (regardless of the underlying TLS version used). This document > updates RFC 5216. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-12 > https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-tls13-12 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12 > > > Please note that it may take a couple of minutes from the time of > submission until the htmlized version and diff are available at > tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > ___ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu ___ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. ___ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
Re: [Emu] I-D Action: draft-ietf-emu-eap-tls13-12.txt
Dear all, We had submitted a new version before the deadline. This version should address most of the comments received during the last call. Here is the diff for your convenience: https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12. In particular: - we have removed some of text in the section on HRR and preventing fragmentation that was repeated from RFC8446 and draft-ietf-emu-eaptlscert: https://github.com/emu-wg/draft-ietf-emu-eap-tls13/issues/15 - we have tried to make the usage of EAP-TLS peer vs. EAP peer vs. EAP-TLS client more consistent. Note that RFC5216 had used a mixture of these terms interchangeably. The terminology section now also says "The term EAP-TLS peer is used for the entity acting as EAP peer and TLS client. The term EAP-TLS server is used for the entity acting as EAP server and TLS server.". - we have now clarified the discrepancy between the "Commitment Message" sending one byte of encrypted application data vs. the statement "EAP-TLS does not protect any application data" in Section 2.4. - we have updated the text on revocation checking based on the recent discussion. Let us know if there are some issues that still need to be addressed. John and Mohit On 11/3/20 12:26 AM, internet-dra...@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the EAP Method Update WG of the IETF. > > Title : Using EAP-TLS with TLS 1.3 > Authors : John Preuß Mattsson >Mohit Sethi > Filename: draft-ietf-emu-eap-tls13-12.txt > Pages : 30 > Date: 2020-11-02 > > Abstract: > This document specifies the use of EAP-TLS with TLS 1.3 while > remaining backwards compatible with existing implementations of EAP- > TLS. TLS 1.3 provides significantly improved security, privacy, and > reduced latency when compared to earlier versions of TLS. EAP-TLS > with TLS 1.3 further improves security and privacy by mandating use > of privacy and revocation checking. This document also provides > guidance on authorization and resumption for EAP-TLS in general > (regardless of the underlying TLS version used). This document > updates RFC 5216. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-emu-eap-tls13/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-12 > https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-tls13-12 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-tls13-12 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > ___ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu ___ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
