>>>>> "Jim" == Jim Schaad <[email protected]> writes:
> Later in the white board example channel binding should be
> GSS-API channel binding
Jim> [JLS] I don't understand this. The two sentences which talk
Jim> about the whiteboard do not have the phrase channel binding in
Jim> them. The next sentence would seem to apply to either GSS-API
Jim> or EAP channel binding. Which sentence did you think should be
Jim> changed?
If channel binding is used without mutual authentication, it is
effectively . . .
I know that statement is true for GSS-API channel binding, and that's
certainly what the reasoning in the white-board example applies to.
I'll admit that I considered not making the comment because it seems to
sort of apply to EAP channel binding.
However, mutual authentication in EAP applies to peer confidence that
it's talking to the right EAP server. Without that, I'm not sure how
EAP channel binding gives you confidence you're disclosing anything in
the context of a particular NAS. It's more like it gives you confidence
that the NAS would like to be thought of in a particular way. That
might be useful but doesn't seem much of a security claim.
So, I have confidence in the statement for GSS-API channel binding, but
am not at all sure it's true for EAP channel binding.
Your text for re-authentication seems good to me.
I do have one note about your response to Mark on secure lookups in DNS.
Previously the text simply said the lookup needed to be secure. Your
replacement text to address Mark's concerns specifically introduces
discussion of DNSsec.
I'm wondering whether that's proscriptive.
I guess it's fine, because if you're actually using the DNS protocol
that and tsig are the only ways to secure the lookup.
So, I'm OK with the proposed text, but I want to call out that we've
refined the semantics somewhat.
--Sam
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab