Alan DeKok [mailto://al...@deployingradius.com] writes:
...
Channel bindings closes a security issue in current deployments of the
EAP protocol.
Is that true? If all you want is to solve the case where ...the NAS could
tell the user we're partner X: $0.05 / minute. It could *really* be
Alan, Sam, Glen,
imho, I'd not place any trust in an SSID.
Its just a 32 octet string that can be set to anything, and provides
no guarantee about the identity of a WLAN.
Kind regards
Stephen
On 20 June 2010 17:05, Alan DeKok al...@deployingradius.com wrote:
Glen Zorn
Stephen McCann wrote:
imho, I'd not place any trust in an SSID.
Its just a 32 octet string that can be set to anything, and provides
no guarantee about the identity of a WLAN.
It's useful as an example.
Alan DeKok.
___
Glen asked me to explain my tunnel related comments more.
It would be desirable to reduce the number of methods we need to add
channel binding to. For example if eap-ttls supports channel binding [1]
and I'm running some other method inside it, then I may not care whether
that method supports
This time from the right address.
---BeginMessage---
Glen == Glen Zorn g...@net-zen.net writes:
Hi. I have read the later messages on this thread, but it sounded like
you and Alan were talking past each other a bit, so I want to come back
to where I think the disagreement is introduced.