eap Mailing List: Re: Re: Issue 352: Channel Binding Issue

[Yoshihiro Ohba (yohba]

On Tue, May 02, 2006 at 03:21:19PM -0700, Salowey, Joe wrote:
> I'm not sure that carrying "mixed" MSKs in existing attributes is such a
> good idea,  how does the authenticator know what it is getting? 

I don't think the authenticator needs to know whether the received key
is the MSK or mixed MSK, as long as both the peer and authenticator
obtains the same key.

Yoshihiro Ohba


> 
> > -----Original Message-----
> > From: Bernard Aboba [mailto:bernard_aboba [at] hotmail.com] 
> > Sent: Tuesday, May 02, 2006 12:27 PM
> > To: yohba [at] tari.toshiba.com
> > Cc: eap [at] frascone.com
> > Subject: Re: [eap] Re: Issue 352: Channel Binding Issue
> > 
> > >Thank you for reading the document.  And the answer is, if the
> > >generated "mixed" MSKs are carried in the existing AAA attributes
> > >instead of carrying the MSKs, then no AAA attributes or communication
> > >flow is required for EAP keying.
> > 
> > It might be worth saying a few words about this in the 
> > paragraph.  Overall, 
> > I'm not sure whether the Channel Binding text in the document 
> > is all that 
> > consistent/comprehesive.
> > 
> > 
> > _________________________________________________________________
> > To unsubscribe or modify your subscription options, please visit:
> > http://lists.frascone.com/mailman/listinfo/eap
> > 
> > Arhives: http://lists.frascone.com/pipermail/eap
> > 
> 
>