>>>>> "Jim" == Jim Schaad <[email protected]> writes:

    Jim> I want to make sure that we have distinguished between the two
    Jim> statements 1.  The server says that I don't support these
    Jim> specific attributes 

    Jim> and 2.  The server does not tell me that it
    Jim> did or did not do matching of some attributes.

    Jim> The first I think is totally optional, but the second is
    Jim> necessary for the tunnel draft and should be made explicit in
    Jim> this draft as something that needs to be done.  

I think section 5.3 clearly requires that a peer learn whether the
server did do matching and if so, what attributes it successfully
matched.  We don't currently have a way for the server to say "these
attributes didn't match." That's kind of tricky and I'd prefer that to
be a future work item.  I've left extensibility for it.

Also, the client's request to the server is integrity protected.

I believe we should require and would appreciate you checking that we do
require:

1) A client supporting channel binding to a server supporting channel
binding will get channel binding. An attacker cannot downgrade to no
channel binding. I believe that by doing channel binding over an
integrity-protected channel we get that.

2) If you do channel binding the client will learn the result and will
learn which attributes it sent were considered and met whatever
consistency check the server did. This is a little vaguely worded
because there's a lot of latitude for server policy.
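As an added illustration that is not part of this thread or the draft, the toy model below sketches the two properties just listed: a client sends its channel-binding attributes under an HMAC standing in for EAP-method keying material, the server returns its verdict plus the attributes it considered and matched, and a response whose MAC no longer verifies is reported as an integrity failure rather than as a clean result. The key and attribute names are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed values, not from the draft: a key standing in for material the EAP
# method exports, and attribute names modelled loosely on AAA/RADIUS attributes.
KEY = b"constructed-channel-binding-key"


def protect(msg: dict, key: bytes) -> dict:
    """Serialise a message and attach an HMAC so the peer can detect tampering."""
    body = json.dumps(msg, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify(msg: dict, key: bytes) -> dict:
    """Recompute the HMAC; raise if the body was altered in transit."""
    expected = hmac.new(key, msg["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["mac"]):
        raise ValueError("channel-binding message failed integrity check")
    return json.loads(msg["body"])


def server_check(request: dict, key: bytes, server_view: dict) -> dict:
    """Server side: compare each attribute the client reported against what the
    server knows about the authenticator, then return the result plus the list
    of attributes that were both considered and matched (property 2).
    Attributes the server holds no view of are neither matched nor rejected."""
    attrs = verify(request, key)["attrs"]
    considered = {a: v for a, v in attrs.items() if a in server_view}
    matched = sorted(a for a, v in considered.items() if server_view[a] == v)
    result = "success" if len(matched) == len(considered) else "failure"
    return protect({"result": result, "matched": matched}, key)


def client_outcome(response: dict, key: bytes) -> tuple:
    """Client side: learn the server's verdict and which attributes it accepted.
    A response whose MAC does not verify is reported as an integrity failure,
    so a rewritten verdict cannot be mistaken for a genuine one (property 1)."""
    try:
        resp = verify(response, key)
    except ValueError:
        return ("integrity-failure", [])
    return (resp["result"], resp["matched"])


if __name__ == "__main__":
    view = {"SSID": "corp-wifi", "NAS-Identifier": "ap-17"}
    req = protect({"attrs": {"SSID": "corp-wifi", "NAS-Identifier": "ap-17"}}, KEY)
    print(client_outcome(server_check(req, KEY, view), KEY))
```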

_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu