Re: Last call comments: draft-williams-on-channel-binding-01.txt:EAP chann


So then the stuff to bind to exists but no spec says "the EAP channel
bindings for this kind of L2 association is XYZ" and we all have a good
idea of what that text should read like, right?

On Mon, Apr 09, 2007 at 03:52:31PM -0700, Bernard Aboba wrote:
> No one has defined the format of channel bindings and with the
> possible exception of 802.11r I don't know of any lower layer that has
> clearly defined what identity should be bound for that layer.
>  
> [BA] As outlined in RFC 3748 and the EAP Key Management Framework, channel binding matching is designed to be a mechanical process, which implies that they are communicated in the form of AAA attributes. 
>  
> For example, the following AAA attributes can be sent from the NAS to the AAA server for IEEE 802: 
>  
> Called-Station-Id:  Authenticator Port MAC address or AP BSSID (potentially with the SSID)
> Calling-Station-Id:  Supplicant MAC address
> NAS-Identifier:  Authenticator identifier (IEEE 802.11r R1KH-ID)
> 
> >How do I know what the lower layer identity is unless the lower layer
> >spec tells me
>  
> Lower layer specifications already define the source MAC addresses (e.g. IEEE 802), and in some cases, authenticator identities (IEEE 802.11r).   So no additional lower layer standards are required. 

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
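
An added example, not part of either message and not from any specification: one way the "mechanical" matching of the three attributes listed above could look on the AAA server. The peer-side dictionary, the field names and the sample values are assumptions made for illustration (the thread itself notes that no channel-binding format has been defined); the hyphen-separated MAC with an optional ":SSID" suffix follows the RFC 3580 convention for Called-Station-Id.

```python
import re

# MAC in hyphen, colon, Cisco-dotted or bare form, optionally followed by ":SSID".
_STATION = re.compile(r"^([0-9A-Fa-f]{2}(?:[-:.]?[0-9A-Fa-f]{2}){5})(?::(.*))?$", re.S)

def parse_station_id(value):
    """Return (mac, ssid): mac as 12 lowercase hex digits, ssid or None."""
    m = _STATION.match(value)
    if not m:
        raise ValueError("not a station id: %r" % value)
    return re.sub(r"[-:.]", "", m.group(1)).lower(), m.group(2)

def canonical(attrs):
    """Reduce one side's attributes to directly comparable values."""
    out = {"called_mac": None, "ssid": None, "calling_mac": None,
           "nas_id": attrs.get("NAS-Identifier")}
    if "Called-Station-Id" in attrs:
        out["called_mac"], out["ssid"] = parse_station_id(attrs["Called-Station-Id"])
    if "Calling-Station-Id" in attrs:
        out["calling_mac"], _ = parse_station_id(attrs["Calling-Station-Id"])
    return out

def mismatches(peer_view, nas_view):
    """Return the fields on which the two views disagree; [] means they match."""
    p, n = canonical(peer_view), canonical(nas_view)
    bad = []
    for field in ("called_mac", "calling_mac", "nas_id"):
        # Fail closed: a value missing on either side counts as a mismatch.
        if p[field] is None or n[field] is None or p[field] != n[field]:
            bad.append(field)
    # Assumption: the SSID is optional, so compare it only when both sides sent it.
    if p["ssid"] is not None and n["ssid"] is not None and p["ssid"] != n["ssid"]:
        bad.append("ssid")
    return bad

# Constructed sample values (documentation MAC range, example.net names).
NAS_REPORT = {"Called-Station-Id": "00-00-5E-00-53-01:corp-wlan",
              "Calling-Station-Id": "00-00-5E-00-53-A7",
              "NAS-Identifier": "ap-floor3.example.net"}
PEER_OK = {"Called-Station-Id": "00:00:5e:00:53:01:corp-wlan",
           "Calling-Station-Id": "0000.5e00.53a7",
           "NAS-Identifier": "ap-floor3.example.net"}
PEER_OTHER_AP = dict(PEER_OK, **{"Called-Station-Id": "00-00-5E-00-53-02:corp-wlan",
                                 "NAS-Identifier": "ap-lobby.example.net"})

if __name__ == "__main__":
    print(mismatches(PEER_OK, NAS_REPORT))        # same link, different MAC notation
    print(mismatches(PEER_OTHER_AP, NAS_REPORT))  # peer is attached to another AP
```

A non-empty result means the NAS described a different link to the AAA server than the one the peer is actually on, which is the condition channel binding exists to detect.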




Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.