| Re: Re: Channel binding consensus call | <– Date –> <– Thread –> |
From: Jari Arkko (jari.arkko piuha.net)
|
|
| Date: Fri, 26 Aug 2005 03:46:04 -0400 (EDT) | |
Bernard Aboba wrote:
--Jari
1. Should we take on a WG work item, a specification
of a solution/protocol that provides channel bindings?
Although interest in Channel Bindings has been increasingly recently,
I don't think that we are at the point where we can choose a single solution/protocol.
(Clarification: the question I intended to ask was not about whether we can choose the solution now, but rather if the group wants a solution. If the answer is yes, we'll need more work to study the various approaches, then later we can actually pick an approach that we develop to an RFC. Questions 2 and 3 are about what the role of such RFC would have in relation to other possible solutions that might be developed later or elsewhere.
And if the answer is no, we can tell the methods writers and others that EAP will not be delivering a solution to them.)
3. Should the solution be unified in some sense
across different types of EAP usage or should
we pursue multiple approaches? An example
of multiple approaches would be leaving it
to individual method writes without coordination,
different mechanisms for different link layers,
or developing both method and aaa-key based
mechanisms.
I don't think it is required that all EAP methods handle Channel Bindings the exact same way, although some general architecture principles probably need to be established.
One of the major architectural principles at stake here is whether AAA servers implementing EAP will remain media independent going forward. Today we do have media independence in AAA, so that implementations of RFC 3579/4072 can be used with PPP, 802.11, IKEv2, etc. Having AAA servers compute different roots of the key hierarchy depending on the media is a fairly major change, so we need to think the implications through.
Yes. Similarly for the treatment of media-dependent cb information at AAA, even if it wouldn't impact the actual key.
--Jari
-
channel binding consensus call Jari Arkko, August 25 2005
- Re: channel binding consensus call Jari Arkko, August 26 2005
- Re: channel binding consensus call Yoshihiro Ohba, August 26 2005
-
Re: Channel binding consensus call Bernard Aboba, August 25 2005
- Re: Re: Channel binding consensus call Jari Arkko, August 26 2005
-
RE: channel binding consensus call Salowey, Joe, August 25 2005
- Re: channel binding consensus call Jari Arkko, August 26 2005
Results generated by Tiger Technologies using MHonArc.