EAP Extensions for the EAP Re-authentication Protocol (ERP)
draft-ietf-hokey-rfc5296bis-07
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-06-04
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2012-06-04
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2012-06-01
|
07 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-05-22
|
07 | (System) | IANA Action state changed to In Progress |
2012-05-18
|
07 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent |
2012-05-17
|
07 | Amy Vezza | State changed to Approved-announcement sent from Approved-announcement to be sent |
2012-05-17
|
07 | Amy Vezza | IESG has approved the document |
2012-05-17
|
07 | Amy Vezza | Closed "Approve" ballot |
2012-05-17
|
07 | Amy Vezza | Ballot approval text was generated |
2012-05-17
|
07 | Amy Vezza | State changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2012-05-17
|
07 | Stephen Farrell | Ballot writeup was changed |
2012-05-17
|
07 | Ralph Droms | [Ballot comment] Thank you for addressing the issues in my previous Discuss position. Figures 9 and 10 contain minor typos, including the capitalization of "cryptosuite" … [Ballot comment] Thank you for addressing the issues in my previous Discuss position. Figures 9 and 10 contain minor typos, including the capitalization of "cryptosuite" and missing " " (space characters) that affect the alignment of the ASCII-art. |
2012-05-17
|
07 | Ralph Droms | [Ballot Position Update] Position for Ralph Droms has been changed to No Objection from Discuss |
2012-05-17
|
07 | Barry Leiba | [Ballot comment] [Updated 17 May 2012, to clear my DISCUSS after the posting of -07.] Glen, Thanks for including my text for the IANA Considerations; … [Ballot comment] [Updated 17 May 2012, to clear my DISCUSS after the posting of -07.] Glen, Thanks for including my text for the IANA Considerations; I'm clearing my DISCUSS. In section 10, I would have thought s/insisted/stamped his foot petulantly and insisted/ so thanks for your restraint. In any case, I'm happy to stand behind what's in section 9. In section 11, the backhanded compliment to your colleagues, "(mostly)", is quite unnecessary. |
2012-05-17
|
07 | Barry Leiba | [Ballot Position Update] Position for Barry Leiba has been changed to No Objection from Discuss |
2012-05-17
|
07 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2012-05-17
|
07 | Glen Zorn | New version available: draft-ietf-hokey-rfc5296bis-07.txt |
2012-04-19
|
06 | Barry Leiba | [Ballot comment] You also need to get a correct email address for Yang Shi, or perhaps remove him from the author list (you can put … [Ballot comment] You also need to get a correct email address for Yang Shi, or perhaps remove him from the author list (you can put him in a "Contributors" section or in A.2). Email to the address in the document is bouncing, and this will cause you a problem during AUTH48. (If you can't fix the address and need/want to leave him in the author list, the AD can handle this during AUTH48, so it's not a disaster.) And you might want to take a look at A.2 and make sure you think it's complete. I see at least two mailing-list messages where Qin Wu acknowledges useful comments from Sebastien, for example. Up to you, of course; I'm just setting a flag. |
2012-04-19
|
06 | Barry Leiba | Ballot comment text updated for Barry Leiba |
2012-04-19
|
06 | Barry Leiba | [Ballot discuss] [Updated 20 Apr to include suggested text, and to add non-blocking comments below.] This document says there are no IANA actions. RFC 5296 … [Ballot discuss] [Updated 20 Apr to include suggested text, and to add non-blocking comments below.] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes 5 and 6 - Created the Message Types table - Created the Initiate and Finish Attributes table - Created the Re-authentication Cryptosuites table It also registered two values in the USRK Key Labels registry. The references in those IANA registries should now all be changed to point to this new RFC, instead of the now-obsolete 5296. The following text is a suggested change to the IANA Considerations section that will satisfy this. It changes the references, and also makes it clear where to find the technical documentation for each registered item. ----------------------------------------- 9. IANA Considerations This document replaces and obsoletes RFC 5296 [RFC5296], and IANA is asked to change all registered references to that document to point instead to this document. [RFC Editor note: please remove the previous paragraph on publication.] The previous version of this document performed the following IANA actions: 1. It registered Packet Codes "Initiate" and "Finish" in the EAP Registry. Those are documented throughout this document as "EAP-Initiate" and "EAP-Finish". 2. It created a Message Types table in the EAP Registry, and registered several items in that table. Those are documented throughout this document as "Re-auth-start" and "Re-auth". 3. It created an EAP Initiate and Finish Attributes table in the EAP registry, and registered several items in that table. Those are documented in this document in Section 5.3.4. 4. It created a Re-authentication Cryptosuites table in the EAP registry, and registered several items in that table. Those are documented in this document at the end of Section 5.3.2. 5. It registered two items in the USRK Key Labels registry: - Re-auth usage label "EAP Re-authentication Root Key@ietf.org", documented in this document in Section 4.1 - DSRK-authorized delivery key "DSRK Delivery Authorized Key@ietf.org", documented in this document in the description of "Authorization Indication" in Section 5.3.3 |
2012-04-19
|
06 | Barry Leiba | Ballot discuss text updated for Barry Leiba |
2012-04-19
|
06 | Barry Leiba | [Ballot discuss] [Updated 20 Apr to include suggested text, and to add non-blocking comments below.] This document says there are no IANA actions. RFC 5296 … [Ballot discuss] [Updated 20 Apr to include suggested text, and to add non-blocking comments below.] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes 5 and 6 - Created the Message Types table - Created the Initiate and Finish Attributes table - Created the Re-authentication Cryptosuites table It also registered two values in the USRK Key Labels registry. The references in those IANA registries should now all be changed to point to this new RFC, instead of the now-obsolete 5296. The following text is a suggested change to the IANA Considerations section that will satisfy this. It changes the references, and also makes it clear where to find the technical documentation for each registered item. ------------------------------------------------------------------------------ 9. IANA Considerations This document replaces and obsoletes RFC 5296 [RFC5296], and IANA is asked to change all registered references to that document to point instead to this document. [RFC Editor note: please remove the previous paragraph on publication.] The previous version of this document performed the following IANA actions: 1. It registered Packet Codes "Initiate" and "Finish" in the EAP Registry. Those are documented throughout this document as "EAP-Initiate" and "EAP-Finish". 2. It created a Message Types table in the EAP Registry, and registered several items in that table. Those are documented throughout this document as "Re-auth-start" and "Re-auth". 3. It created an EAP Initiate and Finish Attributes table in the EAP registry, and registered several items in that table. Those are documented in this document in Section 5.3.4. 4. It created a Re-authentication Cryptosuites table in the EAP registry, and registered several items in that table. Those are documented in this document at the end of Section 5.3.2. 5. It registered two items in the USRK Key Labels registry: - Re-auth usage label "EAP Re-authentication Root Key@ietf.org", documented in this document in Section 4.1 - DSRK-authorized delivery key "DSRK Delivery Authorized Key@ietf.org", documented in this document in the description of "Authorization Indication" in Section 5.3.3 ------------------------------------------------------------------------------ |
2012-04-19
|
06 | Barry Leiba | Ballot discuss text updated for Barry Leiba |
2012-04-19
|
06 | Barry Leiba | [Ballot discuss] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes … [Ballot discuss] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes 5 and 6 - Created the Message Types table - Created the Initiate and Finish Attributes table - Created the Re-authentication Cryptosuites table It also registered two values in the USRK Key Labels registry. The references in those IANA registries should now all be changed to point to this new RFC, instead of the now-obsolete 5296. The following text is a suggested change to the IANA Considerations section that will satisfy this. It changes the references, and also makes it clear where to find the technical documentation for each registered item. ------------------------------------------------------------------------------ 9. IANA Considerations This document replaces and obsoletes RFC 5296 [RFC5296], and IANA is asked to change all registered references to that document to point instead to this document. [RFC Editor note: please remove the previous paragraph on publication.] The previous version of this document performed the following IANA actions: 1. It registered Packet Codes "Initiate" and "Finish" in the EAP Registry. Those are documented throughout this document as "EAP-Initiate" and "EAP-Finish". 2. It created a Message Types table in the EAP Registry, and registered several items in that table. Those are documented throughout this document as "Re-auth-start" and "Re-auth". 3. It created an EAP Initiate and Finish Attributes table in the EAP registry, and registered several items in that table. Those are documented in this document in Section 5.3.4. 4. It created a Re-authentication Cryptosuites table in the EAP registry, and registered several items in that table. Those are documented in this document at the end of Section 5.3.2. 5. It registered two items in the USRK Key Labels registry: - Re-auth usage label "EAP Re-authentication Root Key@ietf.org", documented in this document in Section 4.1 - DSRK-authorized delivery key "DSRK Delivery Authorized Key@ietf.org", documented in this document in the description of "Authorization Indication" in Section 5.3.3 ------------------------------------------------------------------------------ |
2012-04-19
|
06 | Barry Leiba | [Ballot comment] You also need to get a correct email address for Yang Shi, or perhaps remove him from the author list (you can put … [Ballot comment] You also need to get a correct email address for Yang Shi, or perhaps remove him from the author list (you can put him in a "Contributors" section or in A.2). Email to the address in the document is bouncing, and this will cause you a problem during AUTH48. (If you can't fix the address and need/want to leave him in the author list, the AD can handle this during AUTH48, so it's not a disaster.) You also might want to take a look at A.2 and make sure you think it's complete. I see at least two mailing-list messages when Qin Wu acknowledges useful comments from Sebastien, for example. Up to you, of course; I'm just setting a flag. |
2012-04-19
|
06 | Barry Leiba | Ballot comment and discuss text updated for Barry Leiba |
2012-04-12
|
06 | Cindy Morgan | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation |
2012-04-12
|
06 | Ralph Droms | [Ballot discuss] This DISCUSS is raised against the publication status of the document. No action is required from the authors until it is resolved. I … [Ballot discuss] This DISCUSS is raised against the publication status of the document. No action is required from the authors until it is resolved. I expect to clear this DISCUSS after the telechat discussion of the document. The relationship between this document and RFC 5296, and the exact status of RFC 5296 should be clarified before this document is published. I've given an editorial example of the nature of the problem in my COMMENTs. Adrian has entered a COMMENT that I will expand to a DISCUSS to request a couple of sentences explaining why this document was written to accompany the summary of changes Adrian requested. This issue might be addressed by the RFC Editor note. |
2012-04-12
|
06 | Ralph Droms | [Ballot comment] There are at least two instances of references to "new EAP codes" or "New EAP Packets" that should be updated to reflect that … [Ballot comment] There are at least two instances of references to "new EAP codes" or "New EAP Packets" that should be updated to reflect that the EAP-Initiate and EAP-Finish Packet Codes are already defined, and add a citation to the appropriate IANA registry. This typo (missing " " in the line containing "cryptosuite") was copied forward from RFC 5296 (best read with fixed-width font): 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Code | Identifier | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type |R|B|L| Reserved| SEQ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1 or more TVs or TLVs ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | cryptosuite | Authentication Tag ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2012-04-12
|
06 | Ralph Droms | [Ballot Position Update] New position, Discuss, has been recorded for Ralph Droms |
2012-04-12
|
06 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded for Gonzalo Camarillo |
2012-04-11
|
06 | Pete Resnick | [Ballot comment] Pedantic nits: 4.1 (and similarly in 4.3 and 4.6): The rIK Label is the 8-bit ASCII string: What is an "8-bit ASCII … [Ballot comment] Pedantic nits: 4.1 (and similarly in 4.3 and 4.6): The rIK Label is the 8-bit ASCII string: What is an "8-bit ASCII string"? Do you mean "the following string of US-ASCII characters encoded in octets" or something like that? 5.2 (also 5.3.2 and 5.3.3): a 16-bit sequence number Any issue about byte order or sign/unsigned with these? 5.3.3: The value field is a 32-bit field and contains the lifetime of the [...] in seconds. Again, any issue with byte order or sign/unsigned with these? |
2012-04-11
|
06 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick |
2012-04-11
|
06 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2012-04-11
|
06 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded for Russ Housley |
2012-04-11
|
06 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded for Robert Sparks |
2012-04-10
|
06 | Wesley Eddy | [Ballot Position Update] New position, No Objection, has been recorded for Wesley Eddy |
2012-04-10
|
06 | Sean Turner | [Ballot comment] Nice job folks. Only nits: s3.2: r/5shows/5 shows s4.1: 4th bullet r/must/MUST ? |
2012-04-10
|
06 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded for Sean Turner |
2012-04-10
|
06 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded for Stewart Bryant |
2012-04-09
|
06 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded for Ronald Bonica |
2012-04-09
|
06 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2012-04-09
|
06 | Barry Leiba | [Ballot discuss] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes … [Ballot discuss] This document says there are no IANA actions. RFC 5296 did a number of things in the EAP registry - Registered Packet Codes 5 and 6 - Created the Message Types table - Created the Initiate and Finish Attributes table - Created the Re-authentication Cryptosuites table It also registered two values in the USRK Key Labels registry. Shouldn't the references in those IANA registries now all be changed to point to this new RFC, instead of the now-obsolete 5296? |
2012-04-09
|
06 | Barry Leiba | [Ballot Position Update] New position, Discuss, has been recorded for Barry Leiba |
2012-04-06
|
06 | Adrian Farrel | [Ballot comment] I have no objection to thepublication of this document. Please supply a short section "Changes from RFC 5296" Pleasecheck that all Erratahave … [Ballot comment] I have no objection to thepublication of this document. Please supply a short section "Changes from RFC 5296" Pleasecheck that all Erratahave also been applied to this revision http://www.rfc-editor.org/errata_search.php?rfc=5296 |
2012-04-06
|
06 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel |
2012-03-25
|
06 | Stephen Farrell | Placed on agenda for telechat - 2012-04-12 |
2012-03-25
|
06 | Stephen Farrell | State changed to IESG Evaluation from Waiting for AD Go-Ahead::Revised ID Needed |
2012-03-25
|
06 | Stephen Farrell | Ballot has been issued |
2012-03-25
|
06 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2012-03-25
|
06 | Stephen Farrell | Created "Approve" ballot |
2012-03-22
|
06 | Stephen Farrell | State changed to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead |
2012-03-16
|
06 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Charlie Kaufman. |
2012-03-12
|
06 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call |
2012-03-05
|
06 | Stephen Farrell | Ballot writeup was changed |
2012-03-01
|
06 | Jean Mahoney | Request for Last Call review by GENART is assigned to Richard Barnes |
2012-03-01
|
06 | Jean Mahoney | Request for Last Call review by GENART is assigned to Richard Barnes |
2012-03-01
|
06 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Charlie Kaufman |
2012-03-01
|
06 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Charlie Kaufman |
2012-02-27
|
06 | Cindy Morgan | Last call sent |
2012-02-27
|
06 | Cindy Morgan | State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (EAP Extensions for EAP Re-authentication Protocol (ERP)) to Proposed Standard The IESG has received a request from the Handover Keying WG (hokey) to consider the following document: - 'EAP Extensions for EAP Re-authentication Protocol (ERP)' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-03-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. In systems where EAP is used for authentication, it is desirable to avoid repeating the entire EAP exchange with another authenticator. This document specifies extensions to EAP and the EAP keying hierarchy to support an EAP method-independent protocol for efficient re- authentication between the peer and an EAP re-authentication server through any authenticator. The re-authentication server may be in the home network or in the local network to which the peer is connecting. This memo obsoletes RFC 5296. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-hokey-rfc5296bis/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-hokey-rfc5296bis/ballot/ This draft will be updated to actually include a reference to RFC 5296 (its sort of, but not quite, there now) and fix a couple of outdated references. The following IPR Declarations may be related to this I-D: http://datatracker.ietf.org/ipr/1694/ |
2012-02-27
|
06 | Stephen Farrell | Last call was requested |
2012-02-27
|
06 | Stephen Farrell | State changed to Last Call Requested from Publication Requested |
2012-02-27
|
06 | Stephen Farrell | Last call announcement was changed |
2012-02-27
|
06 | Stephen Farrell | Last call announcement was changed |
2012-02-27
|
06 | Stephen Farrell | Last call announcement was generated |
2012-02-27
|
(System) | Posted related IPR disclosure: Stephen Farrell's Statement about IPR related to draft-ietf-hokey-rfc5296bis-06 belonging to Microsoft | |
2012-02-08
|
06 | (System) | Ballot writeup text was added |
2012-02-08
|
06 | (System) | Last call text was added |
2012-02-08
|
06 | (System) | Ballot approval text was added |
2012-02-08
|
06 | Stephen Farrell | Draft added in state Publication Requested |
2011-11-15
|
06 | (System) | New version available: draft-ietf-hokey-rfc5296bis-06.txt |
2011-10-29
|
05 | (System) | New version available: draft-ietf-hokey-rfc5296bis-05.txt |
2011-07-11
|
04 | (System) | New version available: draft-ietf-hokey-rfc5296bis-04.txt |
2011-05-31
|
03 | (System) | New version available: draft-ietf-hokey-rfc5296bis-03.txt |
2011-03-14
|
02 | (System) | New version available: draft-ietf-hokey-rfc5296bis-02.txt |
2010-10-20
|
01 | (System) | New version available: draft-ietf-hokey-rfc5296bis-01.txt |
2010-09-13
|
00 | (System) | New version available: draft-ietf-hokey-rfc5296bis-00.txt |