> -----Original Message-----
> From: Yoshihiro Ohba [mailto:yohba tari.toshiba.com]
> Sent: Wednesday, February 01, 2006 12:03 PM
> To: Bernard Aboba
> Cc: yohbatari.toshiba.com; Salowey, Joe; eapfrascone.com
> Subject: Re: [eap] Strawman -10
>
> On Wed, Feb 01, 2006 at 09:44:59AM -0800, Bernard Aboba
wrote:
> > >The channel-binding draft allows KDF to be
provided by an
> EAP method
> > >while still satisfying the requirements of
mode independence.
> >
> > Do we really want to require EAP methods to
support KDFs in
> order to enable
> > the lower layer to generate keys from the EMSK?
That would
> mean that
> > existing EAP methods wouldn't be usable on some
lower
> layers. One of the
> > major advantages of EAP is the ability to support
many lower layers.
> >
>
> It would be possible to define a particular hash
algorithm as the
> default algorithm for prf+ in
draft-ohba-eap-channel-binding for
> existing EAP methods.
>
[Joe] Yes, this is what we did with the original EMSK/AMSK
document.
(which was incorporated into the eap-key document and then
removed
again)
> On the other hand, EAP methods would still need to have
a
> functionality to negotiate on use of Channel Binding if
Channel
> Binding is defined an optional functionality. Or do
you expect lower
> layers to negotiate on use of Channel Binding in which
case Channel
> Binding would not be usable for already deployed NASes?
>
> Yoshihiro Ohba
>
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|