
Thread: Issue 385: NITs




2007-01-16 12:29:28
Issue 385: NITs
Submitter name: Bernard Aboba
Submitter email address: abobainternaut.com
Date Submitted: January 16, 2007
Reference:
Document: KEYING-16
Comment type: Editorial
Priority: 1
Section: 1, 1.4
Rationale/Explanation of issue:

Within the document, "mode independence" is sometimes capitalized, sometimes not. Sometimes it is placed within quotes, sometimes not. Recommend changing all instances to mode independence (no quotes, no caps). "altSubjectName" is sometimes used instead of "subjectAltName".

The first paragraph in Section 1.4 appears to belong in the Introduction:

"EAP, defined in [RFC3748], is a two-party protocol spoken between the EAP peer and server. Within EAP, keying material is generated by EAP methods. Part of this keying material may be used by EAP methods themselves and part of this material may be exported. In addition to export of keying material, EAP methods may also export associated parameters, and may import and export Channel Bindings from the lower layer."

The proposed resolution is as follows:

Change all instances of Mode Independence and "mode independence" to mode independence. Change "altSubjectName" to "subjectAltName".

Delete the first paragraph of Section 1.4.

Change Section 1 from:

"1. Introduction

The Extensible Authentication Protocol (EAP), defined in [RFC3748], was designed to enable extensible authentication for network access in situations in which the Internet Protocol (IP) protocol is not available. Originally developed for use with Point-to-Point Protocol (PPP) [RFC1661], it has subsequently also been applied to IEEE 802 wired networks [IEEE-802.1X], wireless networks such as [IEEE-802.11i], [IEEE-802.16e], and IKEv2 [RFC4306].

This document provides a framework for the transport and usage of keying material generated by EAP authentication algorithms, known as "methods". In EAP, keying material is generated by EAP methods. Part of this keying material may be used by EAP methods themselves and part of this material may be exported. The exported keying material may be transported by Authentication, Authorization and Accounting (AAA) protocols and used by Secure Association Protocols in the generation or transport of session keys which are used by lower layer ciphersuites. This document describes each of these elements and provides a system-level security analysis. It also specifies the EAP key hierarchy."

To:

"1. Introduction

The Extensible Authentication Protocol (EAP), defined in [RFC3748], was designed to enable extensible authentication for network access in situations in which the Internet Protocol (IP) protocol is not available. Originally developed for use with Point-to-Point Protocol (PPP) [RFC1661], it has subsequently also been applied to IEEE 802 wired networks [IEEE-802.1X], IKEv2 [RFC4306] and wireless networks such as [IEEE-802.11i] and [IEEE-802.16e].

EAP is a two-party protocol spoken between the EAP peer and server. Within EAP, keying material is generated by EAP authentication algorithms, known as "methods". Part of this keying material may be used by EAP methods themselves and part of this material may be exported. In addition to export of keying material, EAP methods may also export associated parameters such as authenticated peer and server identities and a unique EAP conversation identifier, and may import and export lower layer parameters known as "Channel Bindings".

This document provides a framework for the transport and usage of keying material and parameters generated by EAP methods, as well as specifying the EAP key hierarchy. It also provides a system-level security analysis."


_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/eap

Archives: http://lists.frascone.com/pipermail/eap
