Re: [Emu] Last call comments: draft-williams-on-channel-binding-01.txt: EAP channel bindings

[Sam Hartman <hartmans-ietf at mit.edu>]

>>>>> "Charles" == Charles Clancy <clancy at cs.umd.edu> writes:

    >>> to be an L2 identity.  It can be any identity that's
    >>> meaningful to the parties involved, and can serve as the basis
    >>> for making authorization decisions.
    >>  As long as it's cryptographically bound to the L2 channel and
    >> that channel provides suitable protection for the EAP method
    >> doing the EAP channel binding, THEN Sam's observation is
    >> correct: "EAP channel binding" uses what I termed "end-point
    >> channel binding" and "EAP cryptographic binding" uses what I
    >> termed "unique channel binding."

    Charles> I don't think I'm convinced that EAP channel bindings are
    Charles> doing this binding to the L2 channel.  The identity used
    Charles> in an EAP channel binding must be bound to the AAA
    Charles> security association between the authenticator and the
    Charles> peer in order for everything to work, so it would be more

I'm not sure I'd describe the association between the peer and authenticator as an AAA association.
I agree with the rest.

    Charles> 
    Charles> likely a NAS-ID than a MAC address.
Are you sure that the binding happens between the mac address and NAS
ID?  I don't understand how the peer ever confirms the NAS ID at layer
two unless it also happens to be a MAC address.

I do agree with you though that EAP channel bindings include the
peer's lower layer identity and the identity of the authenticator that
the peer will later be able to verify.



    Charles> That's not to say there isn't an L2 binding happening --
    Charles> but I think it's being performed by the L2 secure
    Charles> association phase that uses the EAP key to derive L2
    Charles> keys.  Then during that handshake, a MAC address may be
    Charles> involved, binding in an L2 identity.

ANd if things are secure some L2 identity of the authenticator.


    Charles> I guess I see EAP channel bindings as an EAP<->AAA
    Charles> binding, and the L2 secure association From ietf-bounces at ietf.org Fri Apr 06 16:15:56 2007
Return-path: <ietf-bounces at ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1HZumc-0000nF-0Y; Fri, 06 Apr 2007 16:11:42 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1HZuma-0000i7-8B; Fri, 06 Apr 2007 16:11:40 -0400
Received: from carter-zimmerman.dyn.mit.edu ([18.188.3.148]
	helo=carter-zimmerman.mit.edu)
	by ietf-mx.ietf.org with esmtp (Exim 4.43)
	id 1HZumX-0004Jy-Dk; Fri, 06 Apr 2007 16:11:40 -0400
Received: by carter-zimmerman.mit.edu (Postfix, from userid 8042)
	id 0D169E0431; Fri,  6 Apr 2007 16:11:36 -0400 (EDT)
From: Sam Hartman <hartmans-ietf at mit.edu>
To: "Charles Clancy" <clancy at cs.umd.edu>
References: <tslbqi1ieke.fsf at cz.mit.edu>
	<43960.63.239.69.1.1175884869.squirrel at webmail.cs.umd.edu>
	<20070406184854.GL28748 at Sun.COM>
	<33203.63.239.69.1.1175886784.squirrel at webmail.cs.umd.edu>
Date: Fri, 06 Apr 2007 16:11:36 -0400
In-Reply-To: <33203.63.239.69.1.1175886784.squirrel at webmail.cs.umd.edu>
	(Charles Clancy's message of "Fri, 6 Apr 2007 15:13:04 -0400 (EDT)")
Message-ID: <tslzm5lfekn.fsf at cz.mit.edu>
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: 0.6 (/)
X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5
Cc: bernarda at microsoft.com, ietf at ietf.org,
	Nicolas Williams <Nicolas.Williams at sun.com>, emu at ietf.org
Subject: Re: [Emu] Last call comments:
	draft-williams-on-channel-binding-01.txt: EAP channel bindings
X-BeenThere: ietf at ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>,
	<mailto:ietf-request at ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf at ietf.org>
List-Help: <mailto:ietf-request at ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>,
	<mailto:ietf-request at ietf.org?subject=subscribe>
Errors-To: ietf-bounces at ietf.org

>>>>> "Charles" == Charles Clancy <clancy at cs.umd.edu> writes:

    >>> to be an L2 identity.  It can be any identity that's
    >>> meaningful to the parties involved, and can serve as the basis
    >>> for making authorization decisions.
    >>  As long as it's cryptographically bound to the L2 channel and
    >> that channel provides suitable protection for the EAP method
    >> doing the EAP channel binding, THEN Sam's observation is
    >> correct: "EAP channel binding" uses what I termed "end-point
    >> channel binding" and "EAP cryptographic binding" uses what I
    >> termed "unique channel binding."

    Charles> I don't think I'm convinced that EAP channel bindings are
    Charles> doing this binding to the L2 channel.  The identity used
    Charles> in an EAP channel binding must be bound to the AAA
    Charles> security association between the authenticator and the
    Charles> peer in order for everything to work, so it would be more

I'm not sure I'd describe the association between the peer and authenticator as an AAA association.
I agree with the rest.

    Charles> 
    Charles> likely a NAS-ID than a MAC address.
Are you sure that the binding happens between the mac address and NAS
ID?  I don't understand how the peer ever confirms the NAS ID at layer
two unless it also happens to be a MAC address.

I do agree with you though that EAP channel bindings include the
peer's lower layer identity and the identity of the authenticator that
the peer will later be able to verify.



    Charles> That's not to say there isn't an L2 binding happening --
    Charles> but I think it's being performed by the L2 secure
    Charles> association phase that uses the EAP key to derive L2
    Charles> keys.  Then during that handshake, a MAC address may be
    Charles> involved, binding in an L2 identity.

ANd if things are secure some L2 identity of the authenticator.


    Charles> I guess I see EAP channel bindings as an EAP<->AAA
    Charles> binding, and the L2 secure association protocol as the
    Charles> EAP<->L2 binding.

The L2 secure association protocol cannot be an eap->anything binding:
it does not typically use EAP level identifiers.

    Charles> -- t. charles clancy, ph.d.  <> tcc at umd.edu <>
    Charles> www.cs.umd.edu/~clancy





_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf