Re: [Emu] Issue: Definition of Session-Id, Peer-Id, Server-Id forEAP GPSK
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Emu] Issue: Definition of Session-Id, Peer-Id, Server-Id forEAP GPSK
Sounds reasonable, but I'm not entirely sure I'd call the ID_Server
unauthenticated. It's authenticated in GPSK-3 when the server includes it
in the key derivation to compute SK. If the value was changed by an
attacker, the authentication would fail.
The client only confirms that the server has access to the PSK, but it
doesn't confirm the specific server identity. This is different from
TLS-based EAP methods where the client can verify a certificate issued to a
specific server.
_______________________________________________
Emu mailing list
Emu at ietf.org
https://www1.ietf.org/mailman/listinfo/emu
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
