Proposed Resolution to Issue 357: Channel Binding Definition

From: Bernard Aboba (bernard_aboba
Date: Sat, 3 Jun 2006 18:41:04 -0700 (PDT)

The text of Issue 357 is enclosed below. The proposed resolution is to
accept the definition proposed by Jari Arkko:

"Channel Binding
A secure mechanism for ensuring that a chosen set of channel properties (such as endpoint identifiers) are agreed upon by the EAP peer, authenticator and server."
------------------------------------------------------------------------------------------------
Issue 357: Channel Binding Definition
Submitter name: Vidya Narayanan
Submitter email address: vidyan [at] qualcomm.com
Date Submitted: May 1, 2006
Reference: http://lists.frascone.com/pipermail/eap/msg04227.html
Document: KEYING-12
Comment type: 'T'echnical
Priority: '1' Should fix
Section: 1.2
Rationale/Explanation of issue:
The document defines channel binding as a communication within an EAP method - this seems a bit restrictive, given that channel binding information could be carried out-of-band as well. The only requirement is that the information be integrity protected between the peer and server.

Requested change: Change wording to:
"The communication of integrity-protected channel properties such as endpoint identifiers which can be compared to values communicated via out of band mechanisms (such as via a AAA or lower layer protocol)."