[abfab] a review on draft-ietf-abfab-gss-eap-04

Thu, 15 Dec 2011 18:18:16 -0800 

Hi,all, the following are questions occured to me when reading 
draft-ietf-abfab-gss-eap-04:


1. Section 1 
    "The Extensible Authentication Protocol (EAP) [RFC3748] defines a
   framework for authenticating a network access client and server in
   order to gain access to a network."
 
  since applicability of EAP is under updating beyond network access, I 
think the information of Section 7 might as well be 
indicated here.

2.  section 5.4.2 and section 5.7 
   Why would acceptor name appear in a acceptor name request?

3.  section 5.4.3 
  "Typically this token would only be send if the acceptor name request is 
absent."
   Acceptor name response is sent only when no acceptor name request has 
been received?

4. section 5.6
   "After EAP success, the initiator sends a token to the acceptor
   including additional subtokens that negotiate optional features or
   provide GSS-API channel binding (see Section 6.1)."
 
   According to RFC2743, GSS-API channel binding information is provided 
as an input to GSS_Init_sec_context(), i.e., before 
EAP sucess, so how and why send GSS-API channel binding here?


5. "The PROT_READY service is never available with this mechanism."
   what is PROT_READY service? I cann't find any reference to it.




Regards~~~

-Sujing Zhou

--------------------------------------------------------
ZTE Information Security Notice: The information contained in this mail is 
solely property of the sender's organization. This mail communication is 
confidential. Recipients named above are obligated to maintain secrecy and are 
not permitted to disclose the contents of this communication to others.
This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. If 
you have received this email in error please notify the originator of the 
message. Any views expressed in this message are those of the individual sender.
This message has been scanned for viruses and Spam by ZTE Anti-Spam system.

_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab

Reply via email to