[Last-Call] Secdir last call review of draft-ietf-emu-tls-eap-types-11

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Melinda Shore
Review result: Ready

This document updates TLS-based EAP methods to use key derivation mechanisms
from TLS 1.3, along with other TLS 1.3-required updates.  It's clearly written
and I believe could be implemented from.  There are several very minor nits,
which I actually don't think need to be addressed but are mentioned here in the
interest of completeness.  Section 3.1 is a very nice piece of work, as is the
security considerations.

2.1 “The inclusion of the EAP type makes the derivation method specific.” 
“method-specific” or “specific to the method” might be clearer

2.2 “PAC” should probably be spelled out on its first use.  Also EMSK and other
initialisms
 “j’th inner methods” should be singular
“In TLS 1.3, the derivation of IMCK[j] used both a different label” should be
present tense (“uses”)

2.4 should probably use either MS-CHAP or MS-CHAPv1 consistently



-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux