Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-15 Thread Alan DeKok
On Feb 14, 2021, at 9:46 PM, Benjamin Kaduk wrote: > On first look it seems like all of those will be able to achieve the > required properties. In some sense it is "probably" going to be "easier" > for an application using TLS to use TLS application data (as opposed to > alerts) to affect its be

Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-15 Thread Joseph Salowey
On Sun, Feb 14, 2021 at 6:47 PM Benjamin Kaduk wrote: > On Wed, Feb 10, 2021 at 10:48:10AM +, John Mattsson wrote: > > With Alan's comments, I think we are down to 3 alternatives: > > > > (1a). Use close_notify alert as protected success. > > Use error alerts as protected failure. > > >

Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-14 Thread Benjamin Kaduk
On Wed, Feb 10, 2021 at 10:48:10AM +, John Mattsson wrote: > With Alan's comments, I think we are down to 3 alternatives: > > (1a). Use close_notify alert as protected success. > Use error alerts as protected failure. > > - Forbid close_notify except as success indication > -

Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-12 Thread Alan DeKok
On Feb 12, 2021, at 2:53 AM, John Mattsson wrote: > But how do these work with other EAP methods now that we are taking about a > protected success. I assume this will be needed in TTLS, PEAP, FAST, TEAP? The other methods use the TLS tunnel to send application data. That application data i

Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-11 Thread John Mattsson
Date: Wednesday, 10 February 2021 at 11:48 To: EMU WG , "t...@ietf.org" , Benjamin Kaduk Subject: Re: [Emu] Protected Result Indicators in EAP-TLS 1.3 With Alan's comments, I think we are down to 3 alternatives: (1a). Use close_notify alert as protected success. Us

Re: [Emu] Protected Result Indicators in EAP-TLS 1.3

2021-02-10 Thread John Mattsson
ay, 9 February 2021 at 15:22 To: John Mattsson Cc: EMU WG Subject: Re: [Emu] Protected Result Indicators in EAP-TLS On Feb 9, 2021, at 5:00 AM, John Mattsson wrote: > > Below is my summary of the situation: > > - It seems like there will be consensus to have protected result indicat

Re: [Emu] Protected Result Indicators in EAP-TLS

2021-02-09 Thread Alan DeKok
On Feb 9, 2021, at 5:00 AM, John Mattsson wrote: > > Below is my summary of the situation: > > - It seems like there will be consensus to have protected result indicators > in EAP-TLS 1.3. > - No one has objected to mandate Error alert on fatal error condition. > - Optional protected result in

[Emu] Protected Result Indicators in EAP-TLS

2021-02-09 Thread John Mattsson
Below is my summary of the situation: - It seems like there will be consensus to have protected result indicators in EAP-TLS 1.3. - No one has objected to mandate Error alert on fatal error condition. - Optional protected result indicators are different from mandatory result indicators, recent