RE: FW: [eap] Re: EAP key binding discussion
From: Bernard Aboba (abobainternaut.com)
Date: Thu, 28 Apr 2005 13:49:43 -0400 (EDT)
> What about disclosure of the keys between the authenticators??

Here is the requirement (from RFC 4017):

      Requirement: "Compromise of a single authenticator cannot
      compromise any other part of the system, including session keys
      and long-term secrets."

"any other part of the system" would seem to include other authenticators.

> I think EAP and its key management framework has not positioned itself
> well with respect to handovers and that is why the door for interpretations
> is being opened over and over.

I'd be interested in any data that you have collected on this.  Having
recently done some tests on handover times in WLAN switches, I was
surprised by how well the equipment performs.  For example, we have
measured handoffs of 25ms or less on a consistent basis with a number of
WLAN switch products.  These measurements were made on equipment implementing
RFC 3579, RFC 3748, and WPA2 (including pre-authentication).

I have collected published material on handoff times at the following
location:
http://www.drizzle.com/~aboba/IEEE/

> the "mutual authentication" condition which requires mutual
> authentication between all parties,
