Re: [Emu] Potential Issues with EAP-FAST

2009-01-27 Thread Katrin Höper
On Tue, Jan 27, 2009 at 10:56 AM, Glen Zorn wrote: > Chris Hessing wrote: > > > Further it bothers me more when > > I see a NIST document that indicates that EAP-FAST is the best choice > > for a secure, but easy to deploy, EAP method. > > >Alan DeKok replied: > > >Do the NIST documents per

Re: [Emu] Potential Issues with EAP-FAST

2009-01-27 Thread Katrin Höper
> > Chris Hessing wrote: > > Further it bothers me more when > I see a NIST document that indicates that EAP-FAST is the best choice > for a secure, but easy to deploy, EAP method. >Alan DeKok replied: >Do the NIST documents permit anonymous provisioning? [KH]: No. But I'll check whether the draf

[Emu] NIST public call for comments: "Recommendation for EAP Methods Used in Wireless Network Access Authentication"

2008-12-23 Thread Katrin Höper
Hi, This is a NIST public call for comments that is of interest for all IETF WGs that deal with EAP. The draft contains security requirements for key deriving EAP methods that are used for wireless access authentication. It covers non-tunneled as well as tunneled EAP methods. Please send your com

Re: [Emu] Review of Requirements for a Tunnel Based EAP Method

2008-11-03 Thread Katrin Höper
On Sun, Nov 2, 2008 at 11:00 PM, Joseph Salowey (jsalowey) < [EMAIL PROTECTED]> wrote: > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > > Behalf Of Katrin Höper > > Sent: Friday, October 31, 2008 8:22 AM > > To: em

[Emu] Review of Requirements for a Tunnel Based EAP Method

2008-10-31 Thread Katrin Höper
Hi, I have problems with some of the cryptographic binding claims in the curent document (draft-ietf-emu-eaptunnel-req-00.txt) and would like to discuss them on the list. Basically it is about claiming cryptographic bindings for MitM protection even if the inner method(s) does not derive keys. S

[Emu] Call for comments

2008-10-27 Thread Katrin Höper
Hi, I have recently posted "Threat Model for Networks Employing AAA Proxies", http://tools.ietf.org/html/draft-hoeper-proxythreat-00 in an attempt to summarize the discussions of the proxy email list so far. I haven't received many comments from the proxy list yet and would like to get some feedb

Re: [Emu] Consensus call on EAP-GPSK key lengths

2008-08-11 Thread Katrin Höper
I also vote for independent lengths to support crypto agility. Katrin On Fri, Aug 8, 2008 at 12:19 AM, Glen Zorn <[EMAIL PROTECTED]> wrote: > Alan DeKok writes: > > ... > > > Please respond FOR or AGAINST making the input and output lengths > > independent. This c

Re: [Emu] EMU WG Consensus call on acceptanceofthetunnelrequirements draft as a work item

2008-06-18 Thread Katrin Höper
I am also in favor. On Wed, Jun 18, 2008 at 4:57 PM, <[EMAIL PROTECTED]> wrote: > +1 > > > I'm also in favor... > > > > Nancy > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > > Hao Zhou (hzhou) > > Sent: Wednesday, June 18, 2008 1:45 P

[Emu] Invitation to subscribe to IETF proxy mailing list

2008-04-16 Thread Katrin Höper
Hi, Security problems related to network proxies persistently come up in several IETF WGs and may affect the security of existing IETF network solutions while slowing down the progress of some current Internet Drafts. For this reason, Tim Polk and I organized an informal meeting in Philadelph

Re: [Emu] EMU Charter revision

2008-02-28 Thread Katrin Höper
Yoshi, I disagree. I think channel binding can and should be be provided by EAP methods. An approach that can be used to add channel binding to any EAP method that supports mutual authentication and key establishment is outlined in: http://tools.ietf.org/id/draft-clancy-emu-aaapay-00.txt and htt