>>>>> "Sam" == Sam Hartman <[email protected]> writes:
Sam> You probably haven't read section 5.3 of
Sam> draft-ietf-emu-chbind-07. Please do before reading this
Sam> message.
Sam> The initiator will send EAP channel binding data to the EAP
Sam> server including what it knows of the acceptor name. Typically
Sam> this will be the service and hostname. Often the initiator
Sam> will not know the realm name.
Sam> The EAP server needs to indicate back to the acceptor what
Sam> attributes were used in channel binding with a successful
Sam> response.
Sorry, back to the initiator.
Sam> Typically the EAP server won't be able to verify the
Sam> hostname. Instead, a proxy near the acceptor will verify the
Sam> host name and assert a realm and the EAP server will verify the
Sam> realm.
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
