>>>>> "Yoshihiro" == Yoshihiro Ohba <yoshihiro.o...@toshiba.co.jp> writes:
Yoshihiro> [1] As far as I understand, the method-based channel Yoshihiro> binding is not applicable to ERP. For completeness of Yoshihiro> the specification it may be good to add some text to Yoshihiro> clarify this. I'd welcome suggestions. I'm not really familiar with ERP. Yoshihiro> [3] Probably this was discussed in the WG, but I want to Yoshihiro> understand the motivation for the namespace in Channel Yoshihiro> Binding Encoding because it seems to be a hard Yoshihiro> requirement if the peer has to know what namespace (or Yoshihiro> protocol) is being used between an EAP authenticator and Yoshihiro> EAP server. Also, in some case, the channel binding Yoshihiro> operation may be performed with a standalone Yoshihiro> authenticator since, due to EAP's mode independence Yoshihiro> property, the peer does not know whether the Yoshihiro> authenticator it is talking to is a pass-through Yoshihiro> authenticator or a stand-alone one. What namespace Yoshihiro> should be used with a standalone authenticator? The namespace ID simply names where the attribute comes from. If you are describing some value that is available in a RADIUS ID, then you should use the RADIUS namespace. The EAP server (which as you point out may be the authenticator) is responsible for matching up that information in whatever form it has it. For attributes available both in the diameter and RADIUS namespaces I'd expect some lower layer document to describe which one to use regardless of whether an AAA protocol is in use or which one is in use. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu