See inline please....
> >
> > Yes. To get the AMSK or derivative keys from the
AAA server.
> > But not between the AAA server and the
EAP-Authentication Server.
> >
> > Note, if I can remember correctly someone wanted
to specify
> a protocol
> > to get the AMSK from the EMSK.
> >
>
> How often do we have an EAP server not co-located with
the AAA server?
Well in one SDO activitiy that I am working on there is a
case where the
EAP-Server is not deployed with the AAA-server for some fo
the cases.
It is however co-located with the NAS.
> When they are co-located, a protocol isn't really
required.
I agree.
> When they are not, I can see a need - but, from a
practical
> use case perspective, I feel that such a protocol would
find
> very limited use.
I agree with you. But I wouldn't discount it either. My
approach is to
allow for that -- and certainly it is allowed and then solve
the problem
when someone can actually demonstrate a need. Or let them
solve the
problem 
> Vidya
>
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|