RE: Proposed Resolution to Issue 243: State Synchronization

From: Walker, Jesse (jesse.walker
Date: Wed, 14 Jul 2004 16:34:57 -0400 (EDT)

Florent,

Yes, the distributed consensus problem does not admit a solution. But this is because the protocol does not complete due to network partitions. If the protocol completes, however, there is a certain amount of state that must be synchronized, or else the protocol can't be considered secure under any reasonable definition of secure. This is what the language "when the EAP method completes successfully" from the first sentence is supposed to capture. Can you suggest another way to express this concept?

-- Jesse

-----Original Message-----
From: eap-admin [at] frascone.com [mailto:eap-admin [at] frascone.com] On Behalf Of Florent Bersani
Sent: Wednesday, July 14, 2004 1:37 PM
To: eap [at] frascone.com
Cc: Bernard Aboba
Subject: Re: [eap] Proposed Resolution to Issue 243: State Synchronization

I understand what is meant but I feel concerned that "synchronization of state" may be understood as "common knowledge" (which is impossible to reach in a distributed environment with unreliable communications http://www.cs.cornell.edu/home/halpern/papers/common_knowledge.pdf - using the paper's terminology page 5, what we want here is E or E2 but not C that we can't provide). Though I tried, I couldn't figure out some simple wording to reflect this (but I am still trying to).

Am I the only one that is uncomfortable with this wording?

Bernard Aboba wrote:

>The proposed resolution is to change clause [4] of Section 2.2 to the
>following:
>
>[4] Synchronization of state. The EAP method state of the EAP peer and
>    server must be synchronized when the EAP method completes
>    successfully. This includes the internal state of the
>    authentication protocol but not the state external to the EAP
>    method, such as the negotiation occurring prior to initiation of
>    the EAP method. The exact state attributes that are shared may
>    vary from method to method but typically include the method version
>    number, what credentials were presented and accepted by both
>    parties, what cryptographic keys are shared and what EAP method
>    specific attributes were negotiated, such as ciphersuites and
>    limitations of usage on all protocol state. Both parties must be
>    able to distinguish this instance of the protocol from all other
>    instances of the protocol and they must share the same view of
>    which state attributes are public and which are private to the two
>    parties alone.
>_______________________________________________
>eap mailing list
>eap [at] frascone.com
>http://mail.frascone.com/mailman/listinfo/eap

- Proposed Resolution to Issue 243: State Synchronization, Bernard Aboba, July 8 2004
- Re: Proposed Resolution to Issue 243: State Synchronization, Florent Bersani, July 14 2004
- RE: Proposed Resolution to Issue 243: State Synchronization, Walker, Jesse, July 14 2004
- Re: Proposed Resolution to Issue 243: State Synchronization, Florent Bersani, July 14 2004
- RE: Proposed Resolution to Issue 243: State Synchronization, Walker, Jesse, July 14 2004
- Re: Proposed Resolution to Issue 243: State Synchronization, Florent Bersani, July 14 2004
- Re: Proposed Resolution to Issue 243: State Synchronization, Bernard Aboba, July 16 2004