Expert Review EAP Double TLS draft-badra-eap-double-tls-03.txt - PowerPoint PPT Presentation

Provided by: HannesTs8
Learn more at: https://www.ietf.org

Transcript and Presenter's Notes


1
Expert Review: EAP Double TLS (draft-badra-eap-double-tls-03.txt)
  • IETF63 - Paris
  • August 2, 2005

2
1. Does the method document its security properties in a sufficient manner, as required by Section 7.2 of RFC 3748?
  • 1a. Mechanism. Is the mechanism explained?
      • Borrows from EAP-TLS, PEAP, TTLS mechanisms
      • Some confusion about the "inner" mechanisms
  • 1b. Security claims. Are the claimed and not claimed properties listed?
      • Many optional parts make an analysis difficult

3
1. Does the method document its security properties in a sufficient manner, as required by Section 7.2 of RFC 3748?
  • 1d. Key strength. Is the key strength documented?
      • Insufficient (only pointers to TLS-PRF)
  • 1e. Description of key hierarchy. Is the key hierarchy documented?
      • More details about the EAP keying framework are required

4
1. Does the method document its security properties in a sufficient manner, as required by Section 7.2 of RFC 3748?
  • 1f. Indication of vulnerabilities. Are the known vulnerabilities documented?
      • Crypto-Binding requires investigations

5
2. Compliance with EAP packet formats
3. Compliance with EAP behaviour
  • Mostly yes; some features need to be described explicitly (rather than pointing to EAP-TLS)

6
4. Compliance with IANA requirements
  • Registry for AVPs required
  • EAP methods used as inner methods: does not require IANA actions

7
My own question
  • Relationship to PEAP, TTLS, EAP-TLS
  • ... but not subject of the review!