Re: Basic facts about EAP
From: Jari Arkko (jari.arkkopiuha.net)
Date: Mon, 2 May 2005 13:59:48 -0400 (EDT)
Yoshihiro Ohba wrote:

>Given that the channel binding parameters would have to be pretty well
>specified between the EAP peer and authenticator, the authenticator
>can send the opaque objects to the EAP server via a AAA protocol
>(e.g., a channel-binding attribute/AVP).  The EAP server will be able
>to calculate the AAA-Key without necessarily knowing the semantics of
>the opaque objects.  What do you think?
>  
>
Sure. In fact, we are mostly doing this already... almost all information
that one can think of as being a channel property already has an associated
AAA attribute.

But I was more worried about how the peer and the AAA server can be in
sync about the parameters to be used. If they don't communicate over
EAP, this leaves only full one-time specification as an option. If they
communicate (as in various drafts that propose to do channel binding),
then the set of parameters can evolve.

--Jari

