emu-11----Page:9
1 2 3 4 5 6 7 8 9 10
|
Channel Binding Validate lower-layer EAP parameters during authentication Need secure mechanism for exchanging parameters What is needed? Confidentiality? Authenticity? PAX provides authenticity, but not confidentiality (would require additional symmetric-key ciphersuite) Attach “Authenticated Data Exchange” frames during authentication once keys have been derived |