Re: Last call comments: draft-williams-on-channel-binding-01.txt:EAP chann
From: Nicolas Williams (Nicolas.Williamssun.com)
Date: Mon, 9 Apr 2007 16:08:39 -0700 (PDT)
So then the stuff to bind to exists but no spec says "the EAP channel
bindings for this kind of L2 association is XYZ" and we all have a good
idea of what that text should read like, right?

On Mon, Apr 09, 2007 at 03:52:31PM -0700, Bernard Aboba wrote:
> No one has defined the format of channel bindings and with the
> possible exception of 802.11r I don't know of any lower layer that has
> clearly defined what identity should be bound for that layer.
>  
> [BA] As outlined in RFC 3748 and the EAP Key Management Framework, channel 
> binding matching is designed to be a mechanical process, which implies that 
> they are communicated in the form of AAA attributes. 
>  
> For example, the following AAA attributes can be sent from the NAS to the AAA 
> server for IEEE 802: 
>  
> Called-Station-Id:  Authenticator Port MAC address or AP BSSID (potentially 
> with the SSID)
> Calling-Station-Id:  Supplicant MAC address
> NAS-Identifier:  Authenticator identifier (IEEE 802.11r R1KH-ID)
> 
> >How do I know what the lower layer identity is unless the lower layer
> >spec tells me
>  
> Lower layer specifications already define the source MAC addresses (e.g. IEEE 
> 802), and in some cases, authenticator identities (IEEE 802.11r).   So no 
> additional lower layer standards are required. 
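
An added illustration, not part of either message or of the draft, of the mechanical matching described above: a AAA-server-side check that compares the attributes the NAS sent with the values the peer reports for the same link. The `peer_view` dictionary, the way the peer would convey it, and all sample values are assumptions constructed for this example; the station-id text form is the one given in RFC 3580.

```python
import re

# RFC 3580 text form: six octets, optional "-" or ":" separators, optional ":SSID".
_STATION = re.compile(r"([0-9A-Fa-f]{2}(?:[-:]?[0-9A-Fa-f]{2}){5})(?::(.*))?", re.S)

def parse_station_id(value):
    """Return (MAC as 12 upper-case hex digits, SSID or None)."""
    m = _STATION.fullmatch(value)
    if m is None:
        raise ValueError(f"not a MAC-based station id: {value!r}")
    return re.sub(r"[-:]", "", m.group(1)).upper(), m.group(2)

def match_channel_bindings(nas_attrs, peer_view):
    """Return a list of mismatches; an empty list means the bindings match."""
    problems = []
    for name in ("Called-Station-Id", "Calling-Station-Id", "NAS-Identifier"):
        nas_val, peer_val = nas_attrs.get(name), peer_view.get(name)
        if nas_val is None or peer_val is None:
            problems.append(f"{name}: missing on one side")  # fail closed
            continue
        if name == "NAS-Identifier":
            if nas_val != peer_val:  # opaque identifier: exact comparison
                problems.append(f"{name}: {nas_val!r} != {peer_val!r}")
            continue
        try:
            nas_mac, nas_ssid = parse_station_id(nas_val)
            peer_mac, peer_ssid = parse_station_id(peer_val)
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
            continue
        if nas_mac != peer_mac:
            problems.append(f"{name}: MAC {nas_mac} != {peer_mac}")
        # The SSID is optional, so it is compared only when both sides
        # supplied one (a policy assumption of this example).
        if None not in (nas_ssid, peer_ssid) and nas_ssid != peer_ssid:
            problems.append(f"{name}: SSID {nas_ssid!r} != {peer_ssid!r}")
    return problems

# Constructed sample: attributes as sent by the NAS to the AAA server ...
NAS_ATTRS = {"Called-Station-Id": "00-10-A4-23-19-C0:corp-wlan",
             "Calling-Station-Id": "02-00-5E-10-00-01",
             "NAS-Identifier": "ap-lobby-1"}
# ... and the same link as seen by the peer (different MAC notation).
PEER_VIEW = {"Called-Station-Id": "00:10:a4:23:19:c0:corp-wlan",
             "Calling-Station-Id": "02:00:5e:10:00:01",
             "NAS-Identifier": "ap-lobby-1"}

if __name__ == "__main__":
    print(match_channel_bindings(NAS_ATTRS, PEER_VIEW) or "bindings match")
```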
