Any progress on this? -- Luke
On 31/05/2011, at 9:13 PM, Luke Howard wrote: > > On 31/05/2011, at 10:57 AM, Sam Hartman wrote: > >>>>>>> "Luke" == Luke Howard <[email protected]> writes: >> >> Luke> Instead I propose (well, Sam proposes and I implemented) the >> Luke> following. On the initiator extension token leg (the last >> Luke> token from the initiator), a MIC is sent of the mechanism OID >> Luke> and the extension tokens, excluding the MIC token. The >> Luke> acceptor verifies it and generates a MIC of its extension >> Luke> token to send to the initiator. The initiator verifies this. >> >> Luke> This gives us protection of all extension tokens sent in the >> Luke> last round trip. >> >> I'd like to hear comments on this. Unless we hear objections or the >> editors receive different instructinos from the chairs, we will make >> this so in the next version of the gss-eap draft. > > > +1 from me. > > -- Luke > _______________________________________________ > abfab mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/abfab -- Luke Howard / [email protected] www.padl.com / www.lukehoward.com _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
