Hi,

Looking at the GitHub version after the latest changes. I don't think the 
tradeoffs make sense anymore.

- Full handshake is now 4.5 round-trips
- Resumption is now 4.5 round-trips.

This does not seem like a good tradeoff or optimization at all. If we instead 
skipped Resumption, the full handshake could as far as I understand always be 
done in 3.5 round-trips. This would cut a large amount of complexity from the 
draft and implementations and make the protocol much faster.

Trading a few asymmetric operations for an additional round-trip does not make 
sense to me. Optimizing away a few asymmetric operations is not important. 
Optimizing the number of round-trips is very important.

My conclusion from the discussion regarding the Commitment message is not that 
it should be replaced by the close_notify, but that EAP-TLS should probably 
remove the Commitment message, NewSessionTicket, and resumption...

EAP-TLS 1.3 could then be done in 3.5 round-trips as shown below:


EAP-TLS Peer                                      EAP-TLS Server

                                                      EAP-Request/
                              <--------                  Identity
 EAP-Response/
 Identity (Privacy-Friendly)  -------->
                                                      EAP-Request/
                                                 EAP-Type=EAP-TLS
                              <--------                (TLS Start)
 EAP-Response/
 EAP-Type=EAP-TLS
(TLS ClientHello)             -------->
                                                      EAP-Request/
                                                 EAP-Type=EAP-TLS
                                                 (TLS ServerHello,
                                          TLS EncryptedExtensions,
                                           TLS CertificateRequest,
                                                  TLS Certificate,
                                            TLS CertificateVerify,
                              <--------              TLS Finished)
 EAP-Response/
 EAP-Type=EAP-TLS
(TLS Certificate,
 TLS CertificateVerify,
 TLS Finished)                -------->
                              <--------               EAP-Success

/John
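The round-trip arithmetic behind the message flow above, as an added example that is not part of the original email or of the EAP-TLS draft. The flight list is transcribed from John's ASCII diagram; the "extra exchange" variant is a constructed illustration of what one more EAP request/response pair costs, not the draft's actual NewSessionTicket/Commitment or resumption flow, and the helper names and the 100 ms RTT figure are assumptions.

```python
# Round-trip accounting for an EAP-TLS 1.3 message flow.
# Added example: the flow below is transcribed from the diagram in the email;
# with_extra_exchange() builds a constructed variant and does not claim to be
# the draft's real resumption or Commitment flow.
from typing import List, Tuple

# One EAP packet: (direction, TLS/EAP messages it carries).
# 'S' = server -> peer, 'P' = peer -> server.
Flight = Tuple[str, List[str]]

FULL_HANDSHAKE_3_5: List[Flight] = [
    ("S", ["EAP-Request/Identity"]),
    ("P", ["EAP-Response/Identity (Privacy-Friendly)"]),
    ("S", ["EAP-Request/EAP-Type=EAP-TLS (TLS Start)"]),
    ("P", ["TLS ClientHello"]),
    ("S", ["TLS ServerHello", "TLS EncryptedExtensions",
           "TLS CertificateRequest", "TLS Certificate",
           "TLS CertificateVerify", "TLS Finished"]),
    ("P", ["TLS Certificate", "TLS CertificateVerify", "TLS Finished"]),
    ("S", ["EAP-Success"]),
]


def count_flights(flow: List[Flight]) -> int:
    """Count flights: EAP is lock-step, so consecutive packets in the same
    direction (e.g. a fragmented server flight) are one flight, because the
    sender does not wait for the other side in between."""
    flights = 0
    prev = None
    for direction, _ in flow:
        if direction not in ("S", "P"):
            raise ValueError(f"unknown direction {direction!r}")
        if direction != prev:
            flights += 1
            prev = direction
    return flights


def round_trips(flow: List[Flight]) -> float:
    """One round trip = one flight in each direction. A final flight with no
    reply (EAP-Success here) is the half in '3.5 round-trips'."""
    return count_flights(flow) / 2


def with_extra_exchange(flow: List[Flight], server_msgs: List[str],
                        peer_msgs: List[str]) -> List[Flight]:
    """Constructed variant (hypothetical): insert one more server request and
    peer response just before the final EAP-Success. Any such pair costs a
    full round trip regardless of how cheap its contents are."""
    return flow[:-1] + [("S", server_msgs), ("P", peer_msgs)] + flow[-1:]


def handshake_latency_ms(flow: List[Flight], rtt_ms: float) -> float:
    """Wall-clock cost of the flow on a link with the given round-trip time,
    ignoring computation: it scales with round trips, not with the number of
    asymmetric operations."""
    return round_trips(flow) * rtt_ms


if __name__ == "__main__":
    RTT_MS = 100.0  # assumed link RTT for illustration
    base = FULL_HANDSHAKE_3_5
    # Hypothetical extra exchange, labelled as constructed, not the draft's flow.
    longer = with_extra_exchange(base, ["hypothetical server message"],
                                 ["hypothetical peer ack"])
    for name, flow in (("3.5-RTT flow", base), ("with one extra exchange", longer)):
        print(f"{name}: {count_flights(flow)} flights, "
              f"{round_trips(flow)} round trips, "
              f"{handshake_latency_ms(flow, RTT_MS):.0f} ms at {RTT_MS:.0f} ms RTT")
```

The point the arithmetic makes is the one in the email: every added request/response pair adds one full round trip on the critical path, and on a high-latency link that dominates the cost of a handful of signature or key-exchange operations.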

_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu