Glen Zorn wrote:
> Alan DeKok [mailto:[email protected]] writes:
>> This proxying violates the privacy requirements.
>
> What privacy requirements are those?

The requirement to keep authentication credentials private, which is one of the reasons for choosing a TLS-based method in the first place.

>> Unless I'm missing something, that would require standards action, as
>> there is no document describing TLS inside of TTLS.
>
> EAP-TTLS provides for the transport of EAP inside the TLS tunnel.

Is there a document describing that? Will implementations be interoperable without a document? What security and privacy issues are there with doing that?

>> There is no
>> document describing how the client could perform the certificate checks
>> against the local network information, so that would require standards
>> action, too.
>
> Why? I thought that we were talking about commercial entities here:
> certainly roaming consortia can specify how they want to take care of
> internal matters...

Roaming was just one example. Even with roaming, there are multiple roaming consortia, for multiple purposes. Standardizing a cross-consortia method for channel bindings would appear to be useful to the wider Internet Community, and well within the scope of the IETF.

Alan DeKok.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
