eap-3----Page:8
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Acceptable solution MUST also … Perform client and NAS authorization Maintain confidentiality of session keys Confirm selection of “best” ciphersuite Uniquely name session keys Compromise of a single NAS cannot compromise any other part of the system, including session keys and long-term keys Bind key to appropriate context |