| Re: Fwd: I-D ACTION:draft-arkko-eap-service-identity-auth-01.txt | <– Date –> <– Thread –> |
From: Jari Arkko (jari.arkko piuha.net)
|
|
| Date: Thu, 28 Oct 2004 12:44:32 -0400 (EDT) | |
You may ask what has changed from the -00 version that was discussed in the previous meeting. The main changes are:
- Hopefully a better explanation of what can be achieved through (1) what we call "channel binding" i.e. just ensuring that the three parties agree on the parameters or (2) additionally also authenticating this information. The former can be achieved without any configuration effort. The latter requires that someone -- maybe the auth server admin -- has explicitly stated that a particular parameter value is OK for a particular NAS.
Can people take a look and say if the new explanation is clear to them?
- A significant simplification by providing only a server-> client communication, and having the client be responsible for the verification.
- Reduction of the proposed parameter sets to something which we believe could easily be agreed upon in the near term. The rest could be pursued as additions in separate drafts.
--Jari
-
Fwd: I-D ACTION:draft-arkko-eap-service-identity-auth-01.txt Jari Arkko, October 28 2004
- Re: Fwd: I-D ACTION:draft-arkko-eap-service-identity-auth-01.txt Jari Arkko, October 28 2004
Results generated by Tiger Technologies using MHonArc.