Re: Channel Binding
From: Bernard Aboba (abobainternaut.com)
Date: Sat, 13 Aug 2005 17:22:48 -0400 (EDT)
> Key-derivation based channel binding solution should be
> specified as an extension to EAP keying framework.

A question: is this an EAP issue or a AAA and lower layer issue?

From an EAP point of view, the EAP method passes down the exported
parameters to the lower layer.

The lower layer then can compute any required keying material from the
exported parameters and the Channel Bindings.

The same is true on the AAA server, which operates as an EAP lower layer
on the server side.

So as far as I can see, no changes are needed to EAP, EAP methods, or the
EAP key management framework in order to support Yoshi's proposal.

All that is required is a specification for how the AAA client requests
the mixed key and how it is transported.  Presumably such a key cannot be
transported in the Diameter EAP-Master-Session-Key attribute or in
the RFC 2548 attributes since it is not an MSK.

Of course, such a AAA specification would not be useful unless a lower
layer were to exist that would use it, so you'd need a lower layer
specification as well.

However, as far as I can see, no EAP key management extension is
required here.
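
The derivation discussed in this message, as an added example that is not part of the original post or of any specification: the peer-side lower layer and the AAA server each mix the exported MSK with their own view of the channel bindings, so the resulting keys match only when both views agree. The HMAC-SHA256 construction, the label, the binding field names and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Assumed label for illustration; not taken from any specification.
LABEL = b"example channel-bound key"


def encode_bindings(bindings: dict[str, bytes]) -> bytes:
    """Canonical encoding: sorted fields, each name and value length-prefixed,
    so that field boundaries cannot be shifted to produce the same byte string."""
    out = b""
    for name in sorted(bindings):
        key, val = name.encode(), bindings[name]
        out += struct.pack("!H", len(key)) + key
        out += struct.pack("!H", len(val)) + val
    return out


def derive_bound_key(msk: bytes, bindings: dict[str, bytes]) -> bytes:
    """Lower-layer step: mix the exported MSK with the channel bindings.
    The result is a new key, distinct from the MSK itself."""
    if len(msk) < 64:
        raise ValueError("an EAP MSK is at least 64 octets")
    data = LABEL + b"\x00" + encode_bindings(bindings)
    return hmac.new(msk, data, hashlib.sha256).digest()


def keys_agree(msk: bytes, peer_view: dict, server_view: dict) -> bool:
    """True when the peer and the AAA server would derive the same mixed key."""
    return hmac.compare_digest(derive_bound_key(msk, peer_view),
                               derive_bound_key(msk, server_view))


# Constructed sample values (hypothetical field names and contents).
MSK = bytes(range(64))
SEEN_BY_PEER = {"ssid": b"corp-wifi", "nas-id": b"ap-17"}
REPORTED_TO_AAA = {"nas-id": b"ap-17", "ssid": b"corp-wifi"}
REPORTED_MISMATCH = {"nas-id": b"ap-99", "ssid": b"corp-wifi"}

if __name__ == "__main__":
    print("consistent views :", keys_agree(MSK, SEEN_BY_PEER, REPORTED_TO_AAA))
    print("mismatched views :", keys_agree(MSK, SEEN_BY_PEER, REPORTED_MISMATCH))
```

When the two views differ, the key the AAA server would transport does not match the one the peer derives, so the lower layer's subsequent key confirmation fails.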
