Chairs: Mohit Sethi, Joe Salowey
Jabber Scribe: -
Note taker: Aleksi Peltonen
Presented by Tuomas Aura Tuomas: - Open issue: Message encoding - CBOR considered in 2016, rejected. JSON chosen instead. - Progress has been made since then. Should EAP-NOOB use CBOR? - Problem with JSON: lack of canonical form, causes unambiguous HMAC input
Carsten: CBOR does have deterministic encoding. Should work as needed. Tuomas: Application requirements from application using EAP-NOOB. Carsten: Can be solved using bytestrings in CBOR. Mohit: Strcit mode not included in all implementations. Elliot: Encoding not a big issue. Code footprint and availability of libraries more important.
Tuomas: - Two reviews done, feedback included in draft - Dave Thaler - Hannes Tschofenig - Up-to-date implementation done by Ericsson
Joe: Discussion about encoding can continue on the mailing list.
Presented by Mohit Sethi Mohit: - Problem: In EAP, can't leave Peer in unconditional state. - Commitment Message text caused confusion in draft. - Should be clarified. Last thing left to do.
Alan: Interoperatibility testing done. Text mostly okay, requires minor change. Eric: Jim: Not done with connection. Joe: Need to have more discussion. Mohit: Issue needs to be solved before moving on.
Presented by Alan DeKok Alan: - 01 version published - Updates to FAST, TEAP, TTLS, PEAP - Reviewed by Jorge Vergara
Mohit: Should TEAP be in the document at all? Alan: Either way is fine. Shuold refer to TEAP documentation. Elliot: TEAP update might take a while, should maybe not be mentioned here. Mohit: Could be included as reference.
Presented by Oleg Pekar Oleg: - TLS 1.3 is not covered in the errata. - ID 5127,5128: KDF calls ambiguity - Problem: calls to TLS-PRF don't correspond to TLS-PRF definition - ID 5765: Make authority-ID TLV optional
Mohit: What would be the consequence of making this optional? Should it always be optioal or just in certain cases? Oleg: Good question - needs more thinking.
Oleg: - ID 5767,5845: Send intermediate-result TLV upon completion of each EAP authentication inner method - ID 5767,5845: Intermediate-result TLV/cryptobinding TVL - clarifications on usage
Mohit: Agree with the change. What kind of password authentication is this? Oleg: Plain password authentication.
Oleg: - ID 5844: Intermediate-result TLV in basic password authentication - Intermediate results must be sent after authentication - Example in appendix C needs to be fixed - ID 5768: Compound MAC in CMK has variable length per hash algorithm - Fixed sized length not good
Mohit: Reference to inner or outer EAP method? Joe: Probably outer. Needs to be verified.
Oleg: - ID 5770: Keep both MCK derived from inner method MSK and EMSK
Mohit: Out of time. We try to have an interim meeting. Poll will be sent. Joe: Agree with interim.
Out of time.