On Feb 3, 2023, at 8:19 PM, Melinda Shore via Datatracker <noreply@xxxxxxxx> wrote: > > Reviewer: Melinda Shore > Review result: Ready > > This document updates TLS-based EAP methods to use key derivation mechanisms > from TLS 1.3, along with other TLS 1.3-required updates. It's clearly written > and I believe could be implemented from. There are several very minor nits, > which I actually don't think need to be addressed but are mentioned here in the > interest of completeness. Section 3.1 is a very nice piece of work, as is the > security considerations. Thanks. The document took many years of work, and Section 3.1 only showed up in the document late in the process, but thankfully not too late. > 2.1 “The inclusion of the EAP type makes the derivation method specific.” > “method-specific” or “specific to the method” might be clearer I'll change it to "method-specific". > 2.2 “PAC” should probably be spelled out on its first use. Also EMSK and other > initialisms Thanks. I'll fix that. > “j’th inner methods” should be singular > “In TLS 1.3, the derivation of IMCK[j] used both a different label” should be > present tense (“uses”) Fixed. > 2.4 should probably use either MS-CHAP or MS-CHAPv1 consistently It should use "MS-CHAP" to mean "v1 or v2", and then add the "v" suffix only when referring to a specific version. Alan DeKik. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
