Some technical comments on the document. Overall, I noticed that two
important capabilities are not currently supported:
1. Support for identity privacy. Currently the specification does
not support this, which could be a concern, particularly in Europe.
Privacy implies the negotiation of a secure channel prior to the EAP
method-specific identity exchange. In the case of EAP-PWD addressing this
would seem to imply the need to do two key exchanges, which leads to another
issue:
2. Fast reconnect. The protocol as currently designed does not
support fast reconnect, the ability to reauthenticate using an exchange that
is faster and computationally lighter weight. Where the administrative
domain contains a substantial number of users, the existing specification
could impose a heavy computational load on the server requiring acceleration
hardware, as well as imposing substantial delays on embedded clients. This
would be particularly apparent in situations where privacy is desired, which
could potentially double the computational load. One way to address this
(at the expense of PFS) would be to support fast reconnect, where the
previously negotiated master key is refreshed via an exchange of nonces, and
mutual proof of possession is demonstrated. An example of this approach is
the session resume functionality in TLS.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf