Inner Application Extension in EAP smartcards

From: Pascal Urien (Pascal.Urien
Date: Mon, 9 May 2005 10:38:18 -0400 (EDT)

Dear All,
The IETF draft draft-funk-tls-inner-application-extension-01.txt defines
the TLS "Inner Application" extension. From a security point of view cryptographic operations
are based on an 'Inner Secret', whose value is

    inner_secret = PRF(inner_secret,
                       "inner secret permutation",
                       SecurityParameters.server_random +
                       SecurityParameters.client_random +
                       session_key_material) [0..48];

This value could be computed by an EAP-TLS smartcard and then given back to the host via
a new specific command like GET_INNER_SECRET.
The resulting advantage will be to authenticate the user, and then to produce the Inner Secret, in
order, for example, to perform the TNC protocol presented by John Vollbrecht during the last
IETF meeting.
Any comment on that proposal?
Pascal www.infres.enst.fr/~urien/openeapsmartcard