eap Mailing List: RE: RE: channel binding

[Yoshihiro Ohba (yohba727]

Hi Joe,

> From: "Salowey, Joe" <jsalowey [at] cisco.com>
> To: "Yoshihiro Ohba" <yohba727 [at] hotmail.com>
> CC: <eap [at] frascone.com>
> Subject: RE: [eap] RE: channel binding
> Date: Mon, 8 Aug 2005 11:12:48 -0700
>
>
> > >
> > >[Joe] We are discussing the capabilities of an EAP-method.
> > Although an
> > >EAP-method can generate keys there is nothing forcing those
> > keys to be
> > >used for anything.  Binding data to the authentication exchange and
> > >binding data to the key derivation are similar but different
> > approaches.
> >
> > Although I agree that binding data to the authentication
> > exchange and binding data to the key derivation are different
> > approaches, I don't agree with using keys generated by an EAP
> > method for arbitrary purpose, especially AAA-Key.  I think
> > there is a key-scoping issue if we do not specify the usage
> > of the keys generated by an EAP method.  At least AAA-Key
> > should be restricted to be used by a specific pair of EAP
> > peer and authenticator. Also, this is also related to EAP
> > applicability statement which currently allows the use of EAP
> > for network access authentication, not for authentication for
> > arbitrary application.
> >
>
> [Joe] I'm not sure what you are talking about as this has nothing to do
> with what I mentioned above.  I suggest that we do not try to confuse
> the issue.

Maybe I have over-reacted to the part "nothing forcing those keys to be 
used for anything".

>   > Besides this I have two issues on the use of EAP-method based
> > chanel binding scheme.
> > One issue is as described in section 2 of
> > draft-ohba-eap-aaakey-binding.
> > The other issue
> > is complexity being added to each EAP method by having direct
> > communication between each EAP method and lower layer, which
> > is not described in the EAP state machine I-D. The latter
> > issue issue keeps me away from implementing EAP-method based
> > chanel binding scheme in Open Diameter EAP libraries.
> >
> [Joe] Neither mechanism is ideal, as the both require changes to the
> system. I am not arguing against binding information in the key
> derivation.   I am saying that performing this function in the mechanism
> is different that performing it in the key derivation and that I believe
> it is advantageous to have this functionality in the mechanism.

I think this is where we have different opinions. I don't think using EAP 
methods to 
carry channel parameters a good idea (even in the form a blob), while you 
think it is 
advantageous...

Yoshihiro Ohba

> > Regards,
> > Yoshihiro Ohba
> >
> >
> > >I do not think that one should eliminate binding of data in the
> > >authentication in favor of binding data in the key
> > derivation as they
> > >solve different problems.  I am not familiar with the
> > EAP-IKEv2 use of
> > >"channel bindings", but I would rather see the capability
> > fixed if it
> > >has a problem than removed.
> > >_______________________________________________
> > >eap mailing list
> > >eap [at] frascone.com
> > >http://mail.frascone.com/mailman/listinfo/eap
> >