| EAP Keying Framework - section 1.4.1 | <– Date –> <– Thread –> |
From: Thomas Otto (t.otto sharevolution.de)
|
|
| Date: Tue, 22 Nov 2005 06:15:13 -0800 (PST) | |
In section 1.4.1, Mode independence, the draft says: While the authenticator may implement some EAP methods locally and use those methods to authenticate local users, it may at the same time act as a pass-through for other users and methods, forwarding EAP packets back and forth between the backend authentication server and the peer. How can the authenticator (in context of 802.11: the access point) then decide which authentication it should do self and which authentication to relay to the backend authentication server? Both MAC address of the peer and identity, delivered in EAP-Response/ Identity(id) are no good choice, because they can easily be forged. Thomas
-
EAP Keying Framework - section 1.4.1 Thomas Otto, November 22 2005
-
RE: EAP Keying Framework - section 1.4.1 Bernard Aboba, November 22 2005
- Re: EAP Keying Framework - section 1.4.1 Jari Arkko, December 13 2005
-
RE: EAP Keying Framework - section 1.4.1 Bernard Aboba, November 22 2005
Results generated by Tiger Technologies using MHonArc.