Subject: RE: RE: channel binding
From: Yoshihiro Ohba (yohba727 [at] hotmail.com)
Date: Mon, 8 Aug 2005 13:58:16 -0400 (EDT)
Hi Joe,
Thank you for the prompt response. Please see my comment below.
From: "Salowey, Joe" <jsalowey [at] cisco.com>
To: "Yoshihiro Ohba" <yohba727 [at] hotmail.com>
CC: <eap [at] frascone.com>
Subject: [eap] RE: channel binding
Date: Mon, 8 Aug 2005 09:19:40 -0700
> > I don't understand this, as we are not discussing the case where EAP derived keys are not used.
[Joe] We are discussing the capabilities of an EAP-method. Although an EAP-method can generate keys there is nothing forcing those keys to be used for anything. Binding data to the authentication exchange and binding data to the key derivation are similar but different approaches.
Although I agree that binding data to the authentication exchange and binding data to the key derivation are different approaches, I don't agree with using keys generated by an EAP method for arbitrary purposes, especially the AAA-Key. I think there is a key-scoping issue if we do not specify the usage of the keys generated by an EAP method. At least the AAA-Key should be restricted to use by a specific pair of EAP peer and authenticator. This is also related to the EAP applicability statement, which currently allows the use of EAP for network access authentication, not for authentication for arbitrary applications.
Besides this, I have two issues with the use of the EAP-method-based channel binding scheme.
One issue is as described in section 2 of draft-ohba-eap-aaakey-binding. The other issue is the complexity added to each EAP method by having direct communication between each EAP method and the lower layer, which is not described in the EAP state machine I-D. The latter issue keeps me away from implementing the EAP-method-based channel binding scheme in the Open Diameter EAP libraries.
Regards,
Yoshihiro Ohba
I do not think that one should eliminate binding of data in the authentication in favor of binding data in the key derivation as they solve different problems. I am not familiar with the EAP-IKEv2 use of "channel bindings", but I would rather see the capability fixed if it has a problem than removed.
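The two approaches Joe contrasts above (binding data to the authentication exchange versus binding it into the key derivation), together with the key-scoping concern in Yoshihiro's reply, as an added Python illustration that is not code from this thread, from any EAP method, or from Open Diameter. The HMAC-SHA256 construction, the context labels, and the sample identities are assumptions chosen for the demonstration; no real EAP method derives its keys this way.

```python
import hashlib
import hmac

# Constructed sample values (not from the thread or any EAP method).
MSK = bytes.fromhex("11" * 64)                      # stands in for an EAP method's exported key
PEER_ID = b"peer@example.net"
PEER_VIEW_OF_AUTHENTICATOR = b"nas-1.example.net"   # who the peer believes it is talking to
AAA_VIEW_OF_AUTHENTICATOR = b"nas-2.example.net"    # a conflicting identity, constructed


def derive_scoped_key(msk: bytes, peer_id: bytes, authenticator_id: bytes) -> bytes:
    """Approach 1: bind identities into the key derivation.

    HMAC-SHA256 over a labelled context is assumed here as a stand-in KDF.
    The output only has meaning for this (peer, authenticator) pair, which is
    the key-scoping property discussed in the thread.
    """
    context = b"AAA-Key\x00" + peer_id + b"\x00" + authenticator_id
    return hmac.new(msk, context, hashlib.sha256).digest()


def keys_agree(msk: bytes, peer_id: bytes, peer_view: bytes, aaa_view: bytes) -> bool:
    """Both ends derive independently. A disagreement about the authenticator
    only surfaces later, when the two keys fail to match in the lower layer."""
    return hmac.compare_digest(
        derive_scoped_key(msk, peer_id, peer_view),
        derive_scoped_key(msk, peer_id, aaa_view),
    )


def binding_tag(msk: bytes, channel_data: bytes) -> bytes:
    """Approach 2: bind channel data into the authentication exchange by
    MACing it, so the other side checks it explicitly inside the method run."""
    return hmac.new(msk, b"channel-binding\x00" + channel_data, hashlib.sha256).digest()


def verify_binding_tag(msk: bytes, channel_data: bytes, tag: bytes) -> bool:
    """Verifier side: recompute the tag over its own view, compare in constant time."""
    return hmac.compare_digest(binding_tag(msk, channel_data), tag)


def compare_approaches(peer_view: bytes, aaa_view: bytes) -> dict:
    """Run both approaches for one scenario and report where a mismatch shows up."""
    tag_from_peer = binding_tag(MSK, peer_view)
    return {
        "key_derivation_keys_agree": keys_agree(MSK, PEER_ID, peer_view, aaa_view),
        "auth_exchange_tag_verifies": verify_binding_tag(MSK, aaa_view, tag_from_peer),
    }


if __name__ == "__main__":
    print("consistent views:", compare_approaches(PEER_VIEW_OF_AUTHENTICATOR, PEER_VIEW_OF_AUTHENTICATOR))
    print("conflicting views:", compare_approaches(PEER_VIEW_OF_AUTHENTICATOR, AAA_VIEW_OF_AUTHENTICATOR))
```

The two booleans make the difference concrete: with conflicting views of the authenticator, approach 1 silently yields two different keys (the failure is detected only when the keys are later used), while approach 2 rejects the exchange inside the authentication itself. The scoped key also changes whenever the authenticator identity changes, which is the restriction to a single peer/authenticator pair that Yoshihiro asks for.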
Thread:
- channel binding, Jari Arkko, August 5 2005
- RE: channel binding, Salowey, Joe, August 5 2005
- channel binding, Yoshihiro Ohba, August 8 2005
- RE: channel binding, Salowey, Joe, August 8 2005
- RE: RE: channel binding, Yoshihiro Ohba, August 8 2005
- RE: RE: channel binding, Salowey, Joe, August 8 2005
- RE: RE: channel binding, Yoshihiro Ohba, August 8 2005
- Re: RE: channel binding, Nicolas Williams, August 8 2005
- Re: RE: channel binding, Yoshihiro Ohba, August 9 2005
- RE: RE: channel binding, Yoshihiro Ohba, August 8 2005