I am in favor of sticking to draft-13. There was some discussion about whether draft-13 contained a TLS layering violation, but I believe that discussion concluded that it does not. As noted, discussion has mostly stalled since then with a few additional ideas surfacing that have added round trips. Other threads are now popping up expressing dissatisfaction with the extra round trip.
Alan mentions that betas may be months out for his product line - for Microsoft and Windows, the situation is much tighter. If we cannot reach consensus quickly we will need to push this out of our 2021 release cycle. Seeing as we're sitting on draft-13 with multiple implementations available, I would really prefer to reach consensus to finalize draft-13 and get this into the hands of customers this calendar year. Jorge Vergara -----Original Message----- From: Emu <emu-boun...@ietf.org> On Behalf Of Alan DeKok Sent: Saturday, January 23, 2021 2:28 PM To: Martin Thomson <m...@lowentropy.net> Cc: <tls@ietf.org> <tls@ietf.org>; EMU WG <e...@ietf.org> Subject: Re: [Emu] [TLS] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT) We're approaching 2 weeks since the last discussion of this topic. This document has been in development for 3 years. We desperately need to finish it. IMHO waiting another 6 months is not an option. Even 3 would be worrying. We have multiple inter-operable implementations which have implemented draft-13. That work over the last few months have resulted in implementors making plans to do beta testing in the next few weeks. Those plans have been put on indefinite hold, due to the recent request for changes. I understand getting feedback from the TLS WG is useful. But I would prefer to have consensus on a *solution*. Right now, we just have a series of proposed changes, with little to no discussion. We're getting to the point where we have to ship code as promised to customers soon (weeks, not months). We therefore need consensus, as soon as possible. My preference is to implement draft-13. We know the code works. People are ready to ship it. Any changes will add not just more months of standard discussion, but more months of interoperability testing. If there is no progress in EMU, we're looking at September for first betas. With no guarantee that there won't be further changes made after that. So the question is: * are the draft-13 0x00 byte and exporter *terrible* enough to delay the standard another 6 months? * if the answer is "no", then we can ship now. * if the answer is 'yes", then the next question is "when can we get this finalized?" "March" would be late. "July" is a major problem. > On Jan 12, 2021, at 10:22 AM, Alan DeKok <al...@deployingradius.com> wrote: > > On Jan 11, 2021, at 7:08 PM, Martin Thomson <m...@lowentropy.net> wrote: >> I was not exactly. I was thinking that EAP-TLS uses the unadorned string >> and other usages (that need a different MSK) define their own string as >> needed. > > Which is largely what was done for <= TLS 1.2. > > That choice made implementations more difficult. Not impossible, but > annoying. The other TLS-based EAP types are generally implemented as > variants of EAP-TLS. They re-use much of the EAP-TLS code. So every > difference is more code, and more things to test. > >> Though what you describe would scale more, if the ordinality of that scale >> is bounded by RFC numbers, defining the extra strings would not be that >> hard. You could provide some sort of infrastructure in the form of a >> recommended label prefix if you are concerned about misuse. > > I'm not sure EAP-TLS is the place to make recommendations for other EAP > types. There is a draft to deal with other EAP types: > > https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-dekok-emu-tls-eap-types-00&data=04%7C01%7Cjovergar%40microsoft.com%7Cb558b067ea62444150d008d8bfee5b6a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637470377753309597%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=eTBptf92iMhYupJv9kRLl%2FzAV75fZXSbDjTI9sKu%2Bvs%3D&reserved=0 > > It's pretty trivial. Adding more complexity is annoying, but not much worse > than that. > > My preference is to remain with the EAP type as the context. The code is > simple, and it's easy to understand. But if it causes issues with TLS > review, we can change it. > > Alan DeKok. > _______________________________________________ Emu mailing list e...@ietf.org https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Femu&data=04%7C01%7Cjovergar%40microsoft.com%7Cb558b067ea62444150d008d8bfee5b6a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637470377753319592%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=JQCtoTOMTzouZnJ0ILj%2B8%2BtIpJW8t04HbSlDDGYf8VQ%3D&reserved=0 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
