Re: RE: [Isms] RADIUS is not a trusted third party
From: Jeff Mandin (jmandinstreetwaves-networks.com)
Date: Wed, 20 Apr 2005 08:29:57 -0400 (EDT)

On 4/20/05, Glen Zorn (gwz) <gwz [at] cisco.com> wrote:

> In order for a "trusted third party" in the technical sense to exist, the other two parties need to a) know about its existence and b) trust it. Does the "authenticating entity" know about the RADIUS server?

In an EAP scenario the peer does in fact know about the AAA Server (or rather it always assumes that the AAA might be there). Consequently the AAA-Server does resemble a TTP in the EAP case - as Jesse Walker wrote at length in http://mail.frascone.com/pipermail/eap/2004-October/002895.html

There are scenarios (e.g. mobile wireless) where the peer is _not at all_ interested in the identity of the NAS - but only that the NAS is trusted by the larger entity (i.e. operator) that uses the AAA-Server for access enforcement. That would amount to an inversion of what seems to be the standard trust model for RADIUS etc.

- Jeff Mandin
