On Mon, April 9, 2007 3:38 pm, hartmans-ietf(_at_)mit(_dot_)edu wrote:
[snip]
I'd define the EAP channel binding problem as follows. There are two
sets of identities that the peer and authenticator use: one at the EAP
layer and one at a lower layer. There is an additional identity that
the authenticator may use to authenticate to the AAA server. The
channel binding problem is to make sure that the EAP server authorizes
the authenticator's use of the lower layer identity to the peer and
the peer's use of a given lower layer identity.
I don't agree. The channel binding problem is to make sure the EAP
server and the peer agree to whom the key is being disclosed. They
have to agree on a common identity that is relevant at the EAP layer.
You're right that the authenticator can have 3 identities-- a lower
layer identity like a MAC address, a NAS ID, and some identity that was
used to create a security association with the AS. The AS doesn't know
and doesn't care what the lower layer identity of the authenticator is.
Likewise the peer doesn't know and doesn't care what identity the
authenticator used to establish a security association with the AS (most
likely an IP address). But they are both speaking EAP and there is an
identity of the authenticator that they can both agree on and that is
relevant at that layer-- the NAS ID.
EAP channel binding is a protected exchange, between the peer and AS,
of this identity (the NAS ID not a lower layer identity) and the identity
passed in the protected exchange is verified with the identity established
in some out-of-band fashion (for instance, at provisioning time of the
NAS). If they are equal then all systems are go, if they are not then
houston we have a problem.
Dan.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf