Hi Bernard,
________________________________
From: Bernard Aboba
[mailto:bernarda(_at_)windows(_dot_)microsoft(_dot_)com]
Sent: Sunday, February 18, 2007 6:49 AM
To: Narayanan, Vidya; Dondeti, Lakshminath; Sam Hartman
Cc: Dan Harkins; ietf(_at_)ietf(_dot_)org
Subject: RE: comments on draft-houseley-aaa-key-mgmt-07.txt
Vidya said:
"In my understanding, Dan's claim is that the server is unable to detect that an authenticator is claiming an incorrect identity and by virtue of that, if the authenticator claims the false identity to both the peer and the server, a key will be provided to the authenticator and that will match the key that the peer derives, even if the identity was part of the key derivation. This is the problem that I have detailed in my earlier email and I believe that can be resolved with the text I proposed."
This problem will exist whenever the peer does not receive an indication of whether an authenticator is authorized. For example, where the AAA exchange is bypassed, the backend server does not receive the authenticator identity claim so that there is no mutual authentication between the authenticator and server, no verification of the authenticator identity by the server, and no channel binding exchange.
<Vidya>
Yes. Also, when RADIUS proxies are present, for instance, the AAA
exchange and protection may only be hop-by-hop, right? In that case, I
would think that the SA is not tied to the NAS ID - would the result of
that also not be that the authenticator identity ends up not being
explicitly authenticated?
Thanks,
Vidya
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
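The following is an added example illustrating the lying-authenticator problem discussed in the exchange above; it is not code from the thread or from any IETF document. It models three things the thread talks about: a key derivation that mixes in the authenticator identity, an authenticator that claims a false identity to both the peer and the server, and AAA protection that is only hop-by-hop when a proxy sits between the NAS and the server. Everything concrete in it is an assumption for illustration: HMAC-SHA256 stands in for the key derivation, a per-hop shared secret stands in for RADIUS message protection, the identifiers nas-A, nas-B and proxy are made up, and the server is assumed to map each hop secret to the identity it authenticated on that hop.

```python
# Added example: a toy model of the "lying authenticator" problem discussed
# above. It is not code from the thread or from any IETF document. Assumed
# (not from the page): HMAC-SHA256 stands in for the key derivation, a
# per-hop shared secret stands in for RADIUS message protection, and the
# server maps each shared secret to the identity it authenticated on that hop.
import hashlib
import hmac

MSK = b"\x11" * 32  # constructed: EAP MSK shared by peer and AAA server after EAP

# Constructed topology: which parties share a hop-by-hop secret.
HOP_SECRETS = {
    ("nas-A", "server"): b"secret-nasA-server",
    ("nas-A", "proxy"): b"secret-nasA-proxy",
    ("proxy", "server"): b"secret-proxy-server",
}


def derive_tsk(msk: bytes, authenticator_id: str) -> bytes:
    """Key derivation that mixes the authenticator identity into the key."""
    return hmac.new(msk, b"tsk|" + authenticator_id.encode(), hashlib.sha256).digest()


def protect(secret: bytes, nas_id_claim: str) -> dict:
    """One AAA hop's request: the NAS-Identifier claim plus a MAC under the hop secret."""
    return {"nas_id": nas_id_claim,
            "auth": hmac.new(secret, nas_id_claim.encode(), hashlib.sha256).digest()}


def peer_key(id_claimed_to_peer: str) -> bytes:
    """The peer only knows the identity the authenticator announced to it."""
    return derive_tsk(MSK, id_claimed_to_peer)


def server_handle(request: dict, hop_sender: str, verify_identity: bool):
    """Server side of the last AAA hop.

    hop_sender is the party whose secret authenticates this hop (what the
    server actually verified). With verify_identity=True the server also
    insists that the NAS-Identifier claim equals that authenticated identity.
    Returns the key it would hand back over the hop, or None if rejected.
    """
    secret = HOP_SECRETS[(hop_sender, "server")]
    expected = hmac.new(secret, request["nas_id"].encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, request["auth"]):
        return None  # hop-level integrity failure
    if verify_identity and request["nas_id"] != hop_sender:
        return None  # claim does not match the identity authenticated on this hop
    return derive_tsk(MSK, request["nas_id"])


def lying_nas_direct(verify_identity: bool) -> bool:
    """nas-A tells both the peer and the server that it is 'nas-B', no proxy.

    Returns True if the server hands nas-A a key that matches the peer's.
    """
    claim = "nas-B"
    req = protect(HOP_SECRETS[("nas-A", "server")], claim)
    server_key = server_handle(req, "nas-A", verify_identity)
    return server_key is not None and hmac.compare_digest(server_key, peer_key(claim))


def via_proxy(claim: str, verify_identity: bool):
    """nas-A sends its claim through a RADIUS-style proxy.

    Protection is hop-by-hop: the proxy checks nas-A's MAC, then re-protects the
    unchanged claim under its own secret with the server. The party the server
    authenticates is therefore the proxy, whatever NAS-Identifier is claimed.
    Returns the server's key, or None if it rejected the request.
    """
    first_hop = protect(HOP_SECRETS[("nas-A", "proxy")], claim)
    expected = hmac.new(HOP_SECRETS[("nas-A", "proxy")], claim.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, first_hop["auth"]):
        return None
    second_hop = protect(HOP_SECRETS[("proxy", "server")], first_hop["nas_id"])
    return server_handle(second_hop, "proxy", verify_identity)


if __name__ == "__main__":
    print("lying NAS, no identity check, keys match:", lying_nas_direct(False))        # True
    print("lying NAS, server checks claim vs hop identity:", lying_nas_direct(True))   # False
    honest = via_proxy("nas-A", verify_identity=False)
    lying = via_proxy("nas-B", verify_identity=False)
    print("via proxy, server accepts honest and lying claims alike:",
          honest is not None and lying is not None)                                   # True
    print("via proxy, strict check rejects even the honest NAS:",
          via_proxy("nas-A", verify_identity=True) is None)                            # True
```

Running the script shows the two points of the thread side by side. In the direct case, mixing the identity into the key derivation does nothing on its own: the peer and the server both use the claimed "nas-B" and the lying nas-A ends up holding the peer's key; only when the server compares the claim against the identity it actually authenticated on the AAA hop does the request fail. In the proxy case that comparison has nothing to bind to, because the identity the server authenticated is the proxy's, so the hop-level security association is not tied to the NAS identity and the server cannot tell an honest claim from a false one by that means.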