[{"author": "Alan DeKok", "text": "
There's a few more topics after that, but yes, those are top
", "time": "2023-01-11T17:02:13Z"}, {"author": "Alexander Clouter", "text": "For TEAPv2 I probably would suggest just forbidding inner authentication methods that do not provide an MSK/EMSK
", "time": "2023-01-11T17:17:03Z"}, {"author": "Eliot Lear", "text": "@Alex what does that mean for PKCS10/PKCS7 requests?
", "time": "2023-01-11T17:17:28Z"}, {"author": "Eliot Lear", "text": "I think we have to be a lot more crisp about all of this for T2
", "time": "2023-01-11T17:17:38Z"}, {"author": "Alexander Clouter", "text": "PKCS{7,10} is more an action request for bootstrapping/provisioning rather than proving who you are though, right?
", "time": "2023-01-11T17:18:34Z"}, {"author": "Alexander Clouter", "text": "bootstrapping after you are already authenticated, so a post-bootstrapping
", "time": "2023-01-11T17:18:50Z"}, {"author": "Eliot Lear", "text": "well.... there is identity information in both, but they are not METHODS and that's the issue.
", "time": "2023-01-11T17:20:18Z"}, {"author": "Eliot Lear", "text": "they have no byproducts
", "time": "2023-01-11T17:20:28Z"}, {"author": "Heikki Vatiainen", "text": "Just remembered about 5770: add a note that 64 octets need to be pulled from TLS-PRF even if only 32 first octets are needed?
", "time": "2023-01-11T17:20:59Z"}, {"author": "Eliot Lear", "text": "and side effects COULD produce something, but that would be an asymmetric key op with an exchnaged nonce
", "time": "2023-01-11T17:21:04Z"}, {"author": "Alexander Clouter", "text": "but do they occur only after an inner authentication (or resumed session)?
", "time": "2023-01-11T17:21:48Z"}, {"author": "Eliot Lear", "text": "no, there needn't be an inner auth
", "time": "2023-01-11T17:22:27Z"}, {"author": "Eliot Lear", "text": "only an outer auth
", "time": "2023-01-11T17:22:32Z"}, {"author": "Alexander Clouter", "text": "not really my comfort zone as not had to rub up against those attributes in anger
", "time": "2023-01-11T17:24:13Z"}, {"author": "Alexander Clouter", "text": "...or even at all
", "time": "2023-01-11T17:24:31Z"}, {"author": "Eliot Lear", "text": "Nobody did until recently. That's the problem
", "time": "2023-01-11T17:24:45Z"}, {"author": "Eliot Lear", "text": "I'm soon to become a pumpkin
", "time": "2023-01-11T17:28:12Z"}, {"author": "Peter Yee", "text": "I'll take over when you do, Eliot.
", "time": "2023-01-11T17:30:32Z"}, {"author": "Eliot Lear", "text": "Ok, Peter, you're up!
", "time": "2023-01-11T17:33:10Z"}, {"author": "Eliot Lear", "text": "Thanks, everyone!
", "time": "2023-01-11T17:33:17Z"}, {"author": "Peter Yee", "text": "Thanks, Eliot.
", "time": "2023-01-11T17:33:26Z"}, {"author": "Alexander Clouter", "text": "curious, are we raising hands, or just chipping in whenever
", "time": "2023-01-11T17:39:11Z"}, {"author": "Alan DeKok", "text": "If no one has implemented PAC, then for me that's a string signal to remove it.
", "time": "2023-01-11T17:47:26Z"}, {"author": "Alan DeKok", "text": "I've got nothing else for today
", "time": "2023-01-11T17:47:38Z"}, {"author": "Alan DeKok", "text": "sounds good
", "time": "2023-01-11T17:48:45Z"}, {"author": "Alan DeKok", "text": "thanks!
", "time": "2023-01-11T17:50:26Z"}, {"author": "Alan DeKok", "text": "I'll be in Yokohama
", "time": "2023-01-11T17:50:43Z"}]