►
From YouTube: IETF111-EMU-20210729-2330
Description
EMU meeting session at IETF111
2021/07/29 2330
https://datatracker.ietf.org/meeting/111/proceedings/
A
B
The
request
so
again
we
have
minute
takers,
jabber
window
is
or
our
jabber's
open
and
people
can
talk
in
it
or
type
in
it,
and
we
will
try
to
relay
those
messages
and
there
are
no
more
blue
sheets,
it's
automatic.
So
when
you're
speaking,
please
state
your
name
and
always
remember
to
try
to
keep
things
professional
for
the
agenda.
We
have
just
to
go
over
this
administrivia
and
then
we'll
start
in
with
tls
based
eat
methods.
B
B
C
C
There
have
been
issues
with
eat
previously,
where,
if
you
don't
mangle
the
tls
layer
appropriately,
you
can
connect
not
authenticate
with
stuff
like
ttls
and
then
immediately
resume,
and
so
you
have
to
work
around
that.
This
is
not
even
pls
one.
Three.
It's
just
a
note
that
this
was
not
covered
in
the
previous
specs,
updated
section
5.1,
with
notes
on
protected
success
and
failure
indicators,
the
issue
there
is
ttls
when
you
have
pap
or
chap
inside,
there's
no
protected
success
or
failure
indicators.
C
The
only
other
comment
I
would
have
on
this
draft
is
some
text
I
posted
to
the
list
the
other
day
based
on
random
unnamed
vendors,
who
decided
that
we
should
use
anonymous
identifiers
inside
of
the
tls
tunnel,
and
perhaps
there
should
be
text
in
the
document
suggesting
that's
a
bad
idea,
and
so
on.
That
was
posted
to
the
list
a
few
days
ago
and
I
haven't
seen
any
comments
or
updates
to.
C
Well,
the
the
point
is,
usually
you
have
an
anonymous
identifier
in
the
outer
layer.
You
know
at
example.com
and
then,
when
you
go
inside
of
that,
you
have
ttls
or
peep
with
your
real
username,
joe
example.com,
and
some
vendors
decided
just
to
use
the
anonymous
identifier
in
both
places.
So
your
inner
identity
that
you
send,
along
with
your
password,
is
at
example.com
meaning.
You
cannot
meaningfully
authenticate.
C
Anyone
so
yeah
it's
it's
one
of
these
rather
surprising
things
that
it
got
past
the
most
basic
qa.
So
there's
about
four
or
five
paragraphs
of
text
in
the
list
which
I'm
suggesting
we
add
to
the
document
before
the
next
rev
explaining
we
should
have
an
anonymous
outer
identifier,
so
it's
routed
properly.
C
D
B
E
C
C
Oh
god,
this
is
a
horrible
horrible
issue
and
the
solution
for
their
customers
was
to
use
the
full
name,
including
username
and
realm
as
the
anonymous
outer
identity,
because
that's
the
only
thing
you
could
have
you
could
configure,
which
would
then
be
copied
to
the
inner
identity,
and
so
it
works,
for
you
know
mod
various
versions
of
works
that
people
can
get
online.
But
now
you
don't
have
an
anonymous
header
identity,
which
is
arguably.
D
F
Yeah,
you
mentioned
to
strip
the
inner
username
sorry.
This
is
jan
fred
speaking
to
men
strip
the
inner
username
of
the
realm,
but
I
can
actually
think
of
some
rare
cases
where
the
routing
may
have
a
different
realm
than
the
inner
username.
For
example,
if
different
user
bases
are
configured
in
one
server
and
also
I
have
encountered
some
operating
systems
windows,
especially
which
actually
uses
the
realm
of
the
inner
username
to
determine
the
outer
username.
C
C
B
A
B
And
we
need
a
couple
more
folks
to
to
review
this
draft
so
that
we
can
get
it
to
a
place
and
then
we
can
last
call
it.
So
I
think
certainly
have
the
discussion
that
we
need
to
have.
I
think
it's
getting
reasonably
close,
but
I'd
feel
a
lot
better
if
we
had
more
folks
on
the
call,
if
you
haven't,
is
there
anybody
who
would
want
to
commit
to
reading
this
and
reviewing
this
draft
in
the
next
month
or.
B
B
A
C
C
C
C
C
So
the
requirements
device
has
a
network
connection.
Untrusted
is
fine.
Slow
is
fine
root
cas
for
web
pki,
a
username
and
a
password
and
per
dan's
comments
on
the
list.
That's
a
good
point.
It
doesn't
actually
require
the
username
and
password
all
it
really
needs
is
the
realm,
but
the
initial
purpose
of
this
draft
is
end
user
devices,
so
we'll
just
call
it
a
username
and
password.
C
So
if
we
go
to
the
next
slide,
what
the
device
does
is
it
gets.
The
nai
from
the
username
looks
up
a
cert
resource
record
gets
a
uri
which
is
https,
so
you
don't
need
dns
sec.
It
doesn't
matter
if
someone
forges
those
dns
records
because
you're
looking
up
a
uri
in
the
nai
domain
that
you
were
given.
C
And
now
you
have
a
network
you
can
connect
to.
You
know
the
ca
that
sign
the
server
cert.
You
know
your
domain,
you
pick
each
tls
as
it
says
in
the
document
or
ttlsp,
some
tls
based
eat
method
and
you
can
authenticate
knowing
that
the
eep
server
you're
talking
to
has
a
chain
of
trust
going
back
to
the
http
server
and
the
web
pki.
C
There's
a
lot
of
details
in
the
draft
about
variations
of
all
this
there's
a
lot
of
questions
about
what
happens
in
this
situation
or
this
situation.
That's
all
covered,
there's
lots
of
lots
of
details
in
the
draft
about
what
doesn't
work
and
why
these
things
don't
work
initially.
The
first
pass
really
only
needs
dns
and
web
configured
on
the
server
side
and
a
client
space
user
utility
on
the
client
side
and
no
real
changes
to
the
supplicant
code.
C
C
And
so
the
goal
is,
for
example,
one
use
case
is,
you
know,
10
000
university
students
want
to
get
into
eduroam,
they
have
a
username
and
a
password
and
they
just
connect
to
eduroam
with
unauthenticated
eeptls.
Do
some
lookups
for
the
university
get
the
certificate
information
and
then
reconnect
with
full
authentication.
C
So
you
can
work
in
captive
portals
to
get
your
configuration
or,
if
you
have
lte,
you
can
bootstrap
wi-fi
minimal,
deep
server
side
changes
required,
no
code
changes
on
dns
or
web
servers.
Your
configuration
can
be
refreshed.
The
document
talks
about
how
configuration
refresh
works
can
follow
a
process,
so
the
user
ui
can
follow
a
process
similar
to
web
uis,
but
for
network
access,
hey
we're
connecting
to
this
network.
C
C
C
C
G
G
C
C
C
We
need
a
positive
signal
that
you're
trying
to
do
eeptls
by
using
an
outer
username
of
something
like
provisioning
at
eep.arpa,
and
now
the
eep
server
knows
hey,
I'm
going
to
put
you
in
a
captive
portal.
You
have
network
connectivity,
you
can
do
four
dns
lookups
a
couple
of
web
downloads.
You
get
your
configuration,
you
drop
the
wi-fi
connection,
you
bring
it
back
up
again
with
your
new
eep
configuration
and
it
all
should
just
work.
D
C
This
is
just
a
trust
anchor
the
current
code.
That's
there
in
the
github
repo
in
fact
doesn't
verify
the
web
server
certificate.
Whatever
right,
you
can
always
pass
the
correct
options.
The
the
key
thing
I'm
trying
to
do
here
is
leverage
some
pre-existing
network
connectivity
and
pre-existing
trust
to
walk
a
chain
of
information
to
get
your
eep
configuration.
D
Fair
enough,
so
I
mean
like
because
there's
multiple
places
where
you
can
get
trust
anchors
from
so
it
kind
of
long
as
long
as
whatever
your
client
is
doing,
gets
back
to
its
trust.
Anchor
store.
That's
enough!
It's
not
like
you
must
use.
You
know
this
particular
web
pi
store.
So
I
think
that's
that
makes
sense.
B
C
C
You
sign
certificates
for
your
university,
which
contain
all
the
university
addresses,
but
they're
from
this
unknown
ca
and
you
broadcast
an
eduroam
ssid
and
there
are
a
good
chunk
of
devices
which
simply
never
notice
or
the
information
they
provide
to
the
user
is
completely
useless,
and
so
the
devices
will
go.
Oh
that's
a
ca.
I've
never
seen
before.
C
E
E
E
C
C
You
have
no
idea
whether
or
not
the
server
certificate
is
okay,
whether
it's
from
a
known
ca.
It's
completely
opaque.
I
have
a
bunch
of
screen
shots
from
different
devices.
Different
vendors,
where
they
do
things
like
put
up
the
fingerprint
of
the
server
certificate
and
say:
is
this?
Okay
and
the
user
has
absolutely
no
way
of
telling
whether
or
not
that's
okay,
whereas
instead,
if
there
was
some
way
to
get
trusted
configuration
and
trusted
eep
ca,
then
when
the
user
tries
to
connect
you
can
the
supplicant
can
connect
to
the
server
and
go
hey?
C
C
And
therefore,
you
know
show
that
to
the
user
hey,
this
is
a
trusted
ssid
and
that
kind
of
thing
can
be
used
for
different
ssids
right.
So
the
draft
talks
about
how
to
configure
ssids,
but
let's
say
the
user-
wants
a
config
wants
to
connect
to
an
ssid
that
he
doesn't
know
about
right.
He
should
be
able
to
just
click
an
ssid
and
get
told
yes.
The
server
see
is
the
server
certificate
is
trusted
or
not,
and
if
it's
trusted,
then
you
can
send
over
your
credentials
and
if
it's
not
trusted,
you
can't.
C
C
The
examples
here
are
web
pki.
Then
we
can
get
a
chain
of
trust
which
ends
up
allowing
the
supplicant
to
configure
e
and
the
end
user.
For
the
user
portion
of
this
from
the
end
user
side,
all
they've
done
is
enter,
my
name
is
allen.
Example.Com
and
my
password
is
super
secret
magic
happens
behind
the
scenes,
and
then
they
get
a
secure,
wi-fi
connection
that
they
can
trust.
C
That's
a
little
better
than
what
happens
today,
which
is,
I
think
at
best.
We
can
describe
it
as
painful.
You
know.
I
mean
anyone,
who's
gotten
a
new
device
and
tried
to
get
wi-fi
configured
to
secure
corporate
network.
Your
choices
really
are
banging
your
head
against
the
wall
or
downloading
some
mdm
software,
and
then
what
happens
right
and
then
this
is
a
question
two,
which
is,
if
you
download
some
mdn
software
with
the
ca
that
comes
from
your
corporation
onto
your
personal
device
effectively,
they
can
pretend
to
be
google.
E
Okay,
yeah
thanks.
I
think
that
answers
my
question.
Maybe,
while
you
are
stayed
at
this
slide
and
if
the
there's
time
for
one
more
question,
how
like
I'm
not
sure
how
this
or
how
does
eep
work
with
captive
portals
in
general
and
then
like
how
like,
could
you
expand
a
little
bit
more?
What
does
it
mean
that
it
works
with
captive
forces.
C
The
issue
right
now
is
captive
portals
by
and
large,
don't
do.
Eep
and
you're
you're
left
with
some
human
reading,
some
webpage
trying
to
figure
out
what
to
do
and
whether
or
not
they
have
to
enter
their
credit
card
information,
for
example,
in
an
airport
the
nice
thing
about
using
unauthenticated
etls,
especially
if
we
can
use
a
realm
like
eat.arpa.
C
C
So
the
point
and
then
the
hope
here
is
to
take
the
person
out
of
this
process.
You
know,
having
pop-ups
to
say:
is
this
server
certificate
valid?
This
is
what
I
do
for
a
living.
I
have
no
idea
what
to
do
with
those
pop-ups
and
if,
instead,
my
process
is
here's,
my
name
and
password
and
I
get
on,
I
have
a
lot
more
confidence
in
that
so
yeah.
Removing
the
human
from
the
captive
portal
approach,
I
think,
is
beneficial
for
everyone.
B
B
G
G
This
trust
model,
of
course,
assumes
that
the
the
key
databases
has
is
has
some
strong
integrity.
The
whole
security
of
dpp
depends
upon
that.
This
bootstrapping
public
key
is
basically
a
base64
encoded,
asn.1
sequence
of
a
central
public
key
info,
and
it
looks
it's
transferred
any
uri
that
looks
like
this
tpp
colon
and
a
bunch
of
goo.
G
G
G
If
you
want
to
do
a
kind
of
you
know,
true
zero
touch
experience,
but
once
the
the
infrastructure
has
gotten
this
this
key
and
authenticated
the
device
the
device
can
be
given
a
credential
that
will
allow
it
to
get
on
any
possible
network.
It
can
get
a
psk
or
a
password.
It
can
get
a
certificate
if
it
needs
it
and
it
can
get
a
thing
called
a
connector
which
is
sort
of
like
a
goldilocks
credential.
G
G
G
So
if
you're
paying
attention
you're
going
to
say
well,
that's
great
dan,
but
what
does
this
have
to
do
with
emu?
And
that
is
a
fantastic
question.
So
dpp
solves
the
the
catch-22
problem
of
where
you
need
a
credential
to
get
a
credential,
but
dpp
is
4.11
only
and
it
doesn't
work
for
any
sort
of
other
medium.
G
So
what
we
wanna
do
is
we
wanna
use
the
same
sort
of
dpp
bootstrapping
techniques,
either
getting
the
public
key
from
the
cloud
or
from
a
qr
code,
that's
in
a
bomb
or
on
the
device's
back
side
or
using
nfc
or
whatever
the
the
various
schemes
that
dpp
has
provided.
We
want
to
use
that
to
establish
trust
across
both
wi-fi
networks
and
wire
deployments,
so
we
want
to
use
that
public
key
to
solve
the
the
same
catch
22
that
we
have
for
wired
enterprise
devices.
G
So
what
happens
is
we
can
use
so
dot?
One
x
is
gonna.
Do
identity
request
at
linkup,
so
there's
no
sorts
of
discovery.
Issues
involved,
there's
no
chirping
necessary,
and
so,
as
I
mentioned,
dpps.11
only
uses
these
pre-association
action
frames,
but
the
equivalent
for
that
in
wired
is
is
eep,
so
we
can
use
eep
to
do
this
sort
of
authentication.
G
G
G
We
signal
all
of
this
with
a
new
name
coming
out
of
the
extensible
psks
registry-
that's
being
defined
by
this
draft
here,
so
we're
not
actually
requiring
any
changes
to
anything.
There's
nothing
that
changes
in
teep
there's
nothing
that
changes
in
87
73,
nothing
changes
in
7250
and
all
we
do
is
ask
for
a
name
from
a
registry
of
names,
that's
being
defined
for
that
purpose.
G
So
here's
how
it
looks
in
tls,
the
plain
normal
font
is
the
existing
tls
exchange.
The
boldface
stuff
is
what's
being
is
what's
present
for
bootstrapping
with
with
dpp
and
the
red
stuff
is
the
new
stuff
we
added
so
we're
just
adding.
You
know
this.
This
bs
key
identifier
from
the
extended
psk's
draft
and
then
we're
adding
the
using
the
cert
with
external
psk
from
and
we're
indicating
that
the
client
will
be
using
a
raw
public
key
from
7250
and
other
than
that,
it's
straight
old
tls
next
slide.
G
G
And
so
how
this
all
hooks
into
eep
then
to
draw
back
to
that
question,
you
all
had
well
we're
going
to
use
this
to
authenticate
again
with
teep.
So
what
happens
is
at
link
up?
The
authenticator
is
going
to
say
who
are
you
and
the
client
being
having?
No
knowledge
of
anything
whatsoever
doesn't
know
what
his
realm
is
he's
just
going
to
say,
tls
poke.
Now
there
was
a
discussion
on
the
list
about
whether
this
should
be
tls,
poke,
tlspoke.arpa
or
something
like
that.
G
Whatever
we
can,
we
can
decide
that
later,
but
the
idea
is
that
the
client
responds
with
just
some
static
identity.
Saying
I'm
one
of
these
weird
bootstrapping
people
and
the
authenticator
then
will
will
initiate
teep
and
teep
will
be
authenticated
with
tls
dpp,
using
the
bootstrapping
key
that
the
authenticator
has
obtained,
using
whatever
dpv
bootstrapping
method.
G
Once
that's
been
authenticated,
then
we
just
do
the
regular
old,
teep
s-like
exchange,
where
there's
a
csr
attributes
tlv
followed
by
pkcs10
tlv,
a
pkc7
tov,
and
then
the
supplicant
now
has
been
enrolled
in
the
ca
and
all
of
his
subsequent
network
connections
will
use
this
in
the
certificate
that
he's
been
provisioned
with
next
slide.
Please.
G
So
where
we
are
is
we're
on
o3
of
the
spec.
I
hope
everyone
has
had
a
chance
to
read
it.
We
do
have
some
running
code
for
the
tls
portion
of
it.
Owen
has
implemented
this
in
mint
and
at
this
point
in
time
we
owen
presented
this
to
tls
yesterday
and
they
had
no
real
comments
about
or
concerns
with,
our
tls
approach.
G
B
B
We
have
a
few
folks,
I
think
we're
going
to
need
to
get
a
few
more
interested
parties
in
order
to
make
sure
that
we
have
enough
folks
to
do
the
review.
So,
let's
kind
of
work
offline
to
see,
if
that
something
we
can
do
so
that
yeah
do
we?
Can
we
get
some
volunteers
who
are
interested
in
reviewing
this
draft
as
well.
B
H
H
H
H
We
already
gave
our
presentation
at
the
ietf
109.
Also
some
commerce
were
received.
We
can
review
it
together.
Our
first
question
is
what
scenario
it
is
for.
The
scenario
are:
is
for
internet
of
things,
devices
especially
for
passive
wrong
life
device
and
other
scenarios
is
also
suitable
is.
Is
it
related
to
ibe?
H
We
just
use
ibs
signature
to
slow
the
identities
authentication
program,
not
use
the
identity
based
encryption
here,
any
any
running
code.
We
are
making
implementation
in
our
local
network,
recording
efts
ibs,
based
on
their
own
efts
1.2
and
using
ecce
and
another
question
is
any
cross
scope
of
iot
obs.
I
have
checked
charter
of
the
work
group.
I
think
they
have
no
class
scope.
H
And
pres
and
the
present,
the
version
is,
have
been
updated
to
version
02.
Detailed
modifications
can
be
seen
in
the
draft
by
the
two
tiers,
so
the
slides
just
give
a
summary.
We
have
two
updates
and
two
new
a's.
The
first
update
is
in
object,
which
a
a
reference
of
draft
itfts
details.
13.
The
second
update
is
in
the
introduction.
We
ate
a
text
description
in
the
draft
draft
itef
e-m-u-e-a-p-t-s.
H
H
And
the
two
new
ace
is
the
first
one
is
in
ia
consideration
part.
So
this
document
registers
the
following
items
in
the
merchant
types
registry
under
is
tangible
authentication,
protocol
registry
heading
and
the
second.
The
new
is
in
use
cases
of
the
eats
ibs.
In
section
three,
the
one
is
used
for
authentication
of
iot
and
the
other
is
used
for
system
that
do
not
support
ca
certificates.
H
H
We
update
the
process
in
in
figure
7
figure,
8
and
figure
9..
We
ate
a
round
trip
interaction
based
on
the
draft
item:
emu
e
apts
certainty
version
18
after
tls
finished
the
message
sent
from
eap
server,
no
more
commitment
message
sent
and
after
tia
has
finished.
The
message
sent
from
us
indicating
peer
will
return
an
ap,
requester
message:
waste
tls
application
date,
zero
exerto,
then
authenticating
peer.
Give
a
response.
Finally,
is
is
aap
success
which
flagged
end
of
the
procedure.
H
H
B
D
I'll
be
real,
quick,
I'm
not
a
lover
of
the
identity-based
encryption
or
than
any
signature
stuff
at
all,
but
also
I'm
okay,
with
people
exploring
and
doing
whatever
they
want.
So
I'm,
okay
with
progressing,
whether
it's
in
the
working
group,
where
you'd
be
sponsored
or
whatever
I
have
no
problem
with
that.
I
don't
really
have
an
opinion
whether
it
should
be,
it
must
be
in
whether
it
must
be
in
the
working
group
or
not.
So
that's
all.
I
really
want
to
say
thanks.