Re: Issue 235: (Key Framework) Rewrite of Section 1

From: Florent Bersani (florent.bersani
Date: Thu, 8 Apr 2004 10:54:42 -0400 (EDT)

Bernard Aboba wrote:
I agree, apologies if my wording offended you.

I would thus rather have something like: "Should an EAP method have
knowledge of the lower layer over which it is transported and should it
wish to utilize identifiers associated with a particular media
environment - for instance to provide channel binding, it MAY do so but
it SHOULD support all media types EAP is commonly run over to avoid
specializing EAP to a particular media type".
Media independence is one of the fundamental properties of EAP. It is not
a "nice to have".
I totally agree - at least for the ongoing revision of 802.16 since the original standard does not use EAP at all, as you know

Had this advice been taken in 1998 when EAP was first implemented, operation over 802.11 would not be possible today since that was not one of the media on which EAP was commonly run over at the time.
Similarly, 802.16 is not common today, but it has adopted EAP as its
authentication framework.
Let's rephrase: my point was that to the naive reader that I am, the media independence seemed to contradict the channel binding. If this is not the case (which I do hope and believe), then some clarification might be needed. The text you very kindly provided might be well suited to do so...

I am not aware of a case in which media independence needs to be compromised in order to provide for identification or channel binding. For example, an EAP method need not necessarily be aware of the content of an Identifier in order to use it. In terms of channel binding, it can pass the Called or Calling-Station-Id to the AAA server as an opaque blob and receive back a confirmation of whether it matched or not, again without having knowledge of media.
My only question (which does not belong to EAP) is more of a trivial conclusion on implementations: for the EAP method to pass the opaque blob containing the Called or Calling-Station-Id, it first needs to get that blob. Hence, we need here some communication between the EAP method and something that is aware of the media over which EAP is being run, don't we?
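
The opaque-blob exchange discussed in this message, sketched as an added example that is not part of the thread or of any EAP specification. All class and function names, the sample identifiers and the HMAC protection under a method-derived key are assumptions made for illustration.

```python
import hashlib
import hmac
from typing import Callable, Dict, Tuple

def protect(key: bytes, blob: bytes) -> bytes:
    # Assumption: peer and server share a key derived by the EAP method.
    return hmac.new(key, blob, hashlib.sha256).digest()

class PeerMethod:
    """Media-independent method: it is handed a callback by a media-aware
    layer and forwards whatever bytes it returns, without parsing them."""
    def __init__(self, key: bytes, get_lower_layer_id: Callable[[], bytes]):
        self.key = key
        self.get_lower_layer_id = get_lower_layer_id

    def binding_message(self) -> Tuple[bytes, bytes]:
        blob = self.get_lower_layer_id()  # opaque to the method
        return blob, protect(self.key, blob)

class AaaServer:
    def __init__(self, key: bytes):
        self.key = key

    def check_binding(self, blob: bytes, tag: bytes, aaa_reported_id: bytes) -> bool:
        # Reject blobs altered in transit, then compare byte-for-byte with
        # the identifier the authenticator reported over AAA.
        if not hmac.compare_digest(tag, protect(self.key, blob)):
            return False
        return hmac.compare_digest(blob, aaa_reported_id)

# Constructed sample values: two media-aware adapters, one shared key.
KEY = b"\x01" * 32
ADAPTERS: Dict[str, Callable[[], bytes]] = {
    "802.11": lambda: b"00-11-22-33-44-55:example-ssid",
    "802.16": lambda: b"bsid:0A0B0C0D0E0F",
}

def demo() -> Dict[str, bool]:
    server = AaaServer(KEY)
    results = {}
    for media, adapter in ADAPTERS.items():
        blob, tag = PeerMethod(KEY, adapter).binding_message()
        # Authenticator reports the same identifier the peer saw.
        results[media + "/match"] = server.check_binding(blob, tag, adapter())
        # Authenticator reports a different identifier: binding fails.
        results[media + "/mismatch"] = server.check_binding(blob, tag, b"other-station")
    return results

if __name__ == "__main__":
    print(demo())
```

The same `PeerMethod` code runs unchanged over both adapters; only the callback supplied by the media-aware layer differs.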