I think this work is useful for bootstrapping IoT devices. I am in favour of
adoption.
There is also a comment.
In Section 5.1 EAP-TLS, " This identifier signals the EAP server that the peer
wishes to obtain "peer unauthenticated access" as per [RFC5216] Section 2.1.1
and [RFC9190]. " and " The device SHOULD ignore the EAP server certificate
entirely, as the servers identity does not matter. Any verification of servers
can be done at the HTTPS layer when the device access the captive portal. "
My understanding here is that the EAP server and client will not authenticate
each other in EAP-TLS, and all the authentication will be done in the " captive
portal ". So why recommend EAP-TLS as a provisioning method? Just send the
identifier "por...@eap.arpa" and then jump to a " captive portal ". Is that OK?
Regards,
Lei YAN
-Original Message-
From: Emu On Behalf Of Peter Yee
Sent: Friday, March 8, 2024 6:38 AM
To: emu@ietf.org
Subject: [Emu] Adoption call for eap.arpa
This is an adoption call for the eap.arpa Internet-Draft
(draft-dekok-emu-eap-arpa). This is an ancillary draft that Alan DeKok briefed
during the Prague (IETF 118) meeting. Seeing as it primarily exists as a
forward-looking extraction of certain descriptive material and IAB .arpa
domanrequests from other EMU documents, we consider it within the scope of the
WG charter. Alan did a recent minor update to the document and will speak
briefly about it during IETF 119.
With that said, your WG chairs would appreciate hearing your feedback on
whether this document is adopted or not. While it's not critical to adopt, it
really simplifies the domain registration for things like TLS-POK and would
have been great back when we did EAP-NOOB.
We are particularly interested in hearing from parties who are willing to
review the specification. So, if you've got interest in seeing the work
adopted, please formalize that by responding to the EMU mailing list with your
position.
The deadline for feedback is March 21st. Yes, that's during IETF
119 but after the EMU time slot, so hopefully you will have formed an opinion
by then, if not sooner. We hope to hear from lots of you!
Joe and Peter
1) https://datatracker.ietf.org/doc/draft-dekok-emu-eap-arpa/
___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu