RE: Re: EAP Key Binding
From: Alper Yegin (alper.yeginsamsung.com)
Date: Wed, 20 Apr 2005 21:07:26 -0400 (EDT)
> > So, the issue is about binding PMK to NAS ports (WTPs in this case).
> > Unless the NAS explicitly informs the host about the list of ports, how
> > can this be handled? I think this is an issue for the EAP lower layer to
> > handle.
> 
> The NAS doesn't have to inform the host of the list of ports, it just has
> to provide the host with the same NAS-ID that it provides to the AAA
> server.  You are correct that it is a lower layer issue.

Dorothy can correct me if I'm wrong, but shared knowledge of NAS-ID does
not seem to solve the problem she is describing. Unless both the host
and the NAS agree on the list of ports (WTPs) associated/bound to the
PMK (or its derivatives), the host cannot distinguish between a legitimate
WTP and one that's using a compromised PMK (or a derivative). In fact,
what I'm talking about is a further binding that includes not only the NAS
ID but also the port IDs.

Alper
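The difference between the two bindings discussed above (NAS-ID only versus NAS-ID plus port ID, with an agreed port list) can be shown with a small key-derivation model. The following is an added example, not code from the thread or from any EAP/CAPWAP specification: it assumes HKDF-Expand over HMAC-SHA256 as the derivation function, a made-up length-prefixed context layout ("EAP NAS key" / "EAP port key" labels, NAS-ID, port ID), and constructed sample values for the PMK, NAS-ID and WTP names. A derivative leaked from one WTP is then presented on another WTP under each binding, and a port the NAS never listed is tried with the full PMK.

```python
import hashlib
import hmac

# Constructed sample values for illustration only; not taken from the thread.
PMK = hashlib.sha256(b"constructed demo pmk").digest()
NAS_ID = b"nas.example.net"
AGREED_PORTS = (b"wtp-1", b"wtp-2", b"wtp-3")  # port list host and NAS agree on


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) over HMAC-SHA256; the PMK is used directly as PRK."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def _lv(field: bytes) -> bytes:
    """Length-prefix a field so NAS-ID and port ID cannot be re-split (assumed layout)."""
    return len(field).to_bytes(1, "big") + field


def nas_bound_key(pmk: bytes, nas_id: bytes) -> bytes:
    """Derivative bound only to the NAS-ID: the binding proposed in the quoted reply."""
    return hkdf_expand(pmk, b"EAP NAS key" + _lv(nas_id))


def port_bound_key(pmk: bytes, nas_id: bytes, port_id: bytes) -> bytes:
    """Derivative bound to NAS-ID and port (WTP) ID: the further binding Alper describes."""
    return hkdf_expand(pmk, b"EAP port key" + _lv(nas_id) + _lv(port_id))


def host_accepts(pmk: bytes, nas_id: bytes, agreed_ports, port_id: bytes,
                 presented_key: bytes, bind_port: bool = True) -> bool:
    """Host-side check: the port must be on the agreed list and the key must match
    what the host derives for that port (or for the NAS alone, if bind_port is False)."""
    if port_id not in agreed_ports:
        return False
    expected = (port_bound_key(pmk, nas_id, port_id) if bind_port
                else nas_bound_key(pmk, nas_id))
    return hmac.compare_digest(expected, presented_key)


def scenarios() -> dict:
    """Run the four cases and return which ones the host accepts."""
    legit_key_1 = port_bound_key(PMK, NAS_ID, b"wtp-1")
    stolen_key_2 = port_bound_key(PMK, NAS_ID, b"wtp-2")  # derivative recovered from wtp-2
    stolen_nas_key = nas_bound_key(PMK, NAS_ID)           # same value on every port
    return {
        # legitimate wtp-1 presenting its own port-bound key
        "legit_wtp1": host_accepts(PMK, NAS_ID, AGREED_PORTS, b"wtp-1", legit_key_1),
        # wtp-2's leaked derivative replayed on wtp-1 under port binding
        "stolen_wtp2_key_on_wtp1": host_accepts(PMK, NAS_ID, AGREED_PORTS, b"wtp-1", stolen_key_2),
        # the same replay under NAS-ID-only binding
        "nas_only_stolen_key_on_wtp1": host_accepts(PMK, NAS_ID, AGREED_PORTS, b"wtp-1",
                                                    stolen_nas_key, bind_port=False),
        # attacker holding the full PMK claims a port the NAS never listed
        "unlisted_port_with_pmk": host_accepts(PMK, NAS_ID, AGREED_PORTS, b"wtp-9",
                                               port_bound_key(PMK, NAS_ID, b"wtp-9")),
    }


if __name__ == "__main__":
    for name, accepted in scenarios().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Under NAS-ID-only binding every WTP behind the NAS holds the same derivative, so a key leaked from one WTP is accepted on any other; under port binding the leaked key fails on every port but its own, and the agreed port list rejects port IDs the NAS never had. The caveat a practitioner should keep in mind is that neither binding helps once the PMK itself is compromised: whoever holds the PMK can derive the key for any listed port, which is why the thread treats the port list and the derivation context as limits on the damage from a leaked derivative rather than a fix for a leaked PMK.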
