#8: Cryptographic Binding Text

> Section 3.2
>
> > "In particular, when weak methods are used, security policies enforcing
> > that such methods can only be executed inside a tunnel but never
> > outside one are required to mitigate the attack."
>
> The requirement that methods only be executed within a tunnel is necessary
> even for strong methods, if crypto-binding isn't used.
>
> > "On the other hand, a technical solution (so-called cryptographic bindings)
> > can be used whenever the inner method is not susceptible to attacks outside
> > a tunnel and derives keying material."
>
> Cryptographic binding can be used whenever the inner method generates keys.
> If this isn't used, then even methods not susceptible to attack outside the
> tunnel should be prohibited from use outside the tunnel, or else MiTM attacks
> would still be feasible.
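As an added illustration of the ticket's reasoning (not code from the draft or from any EAP implementation): a toy model in which the tunnel server verifies a compound MAC keyed by both the tunnel key and the inner method's exported key. A relayed inner-method run is caught only when the inner method exports a key; for a method that exports none, the check degenerates to the tunnel key the relay already holds, which is why such methods need the tunnel-only policy. The function names, the SHA-256 key mixing, the transcript format and the sample keys are this example's own assumptions, not the binding derivation of any real tunnel method.

```python
import hashlib
import hmac

# Assumed construction for illustration: real tunnel methods derive the binding
# key with the TLS PRF from the tunnel key and the inner method's MSK.
def binding_mac(tunnel_key: bytes, inner_key: bytes, transcript: bytes) -> bytes:
    """Compound MAC over the inner-method transcript. When the inner method
    exports no key (inner_key == b""), the MAC depends on the tunnel key alone."""
    mix = hashlib.sha256(b"binding|" + tunnel_key + b"|" + inner_key).digest()
    return hmac.new(mix, transcript, hashlib.sha256).digest()


def server_accepts(peer_mac: bytes, tunnel_key: bytes, inner_key: bytes,
                   transcript: bytes) -> bool:
    """Tunnel server side: recompute the binding from the keys it holds, compare."""
    expected = binding_mac(tunnel_key, inner_key, transcript)
    return hmac.compare_digest(peer_mac, expected)


def legitimate_run(inner_key: bytes, tunnel_key: bytes, transcript: bytes) -> bool:
    """Peer and server share the tunnel key (from TLS) and the inner key (both
    derive it from the credential), so the peer's binding verifies."""
    peer_mac = binding_mac(tunnel_key, inner_key, transcript)
    return server_accepts(peer_mac, tunnel_key, inner_key, transcript)


def relayed_run(inner_key: bytes, relay_tunnel_key: bytes, transcript: bytes) -> bool:
    """The inner method ran outside any tunnel with a man-in-the-middle, who relayed
    its messages through its own tunnel to the server. The relay holds the tunnel
    key but never learns the inner key, and the peer holds no tunnel key, so the
    only binding the server can be shown is one computed without the inner key.
    Returns True when the server fails to notice (binding gives no protection)."""
    shown = binding_mac(relay_tunnel_key, b"", transcript)
    return server_accepts(shown, relay_tunnel_key, inner_key, transcript)


def permitted_outside_tunnel(method_is_weak: bool, exports_key: bool,
                             binding_enforced: bool) -> bool:
    """Security policy from the ticket: weak methods are tunnel-only regardless;
    any other method may run outside the tunnel only if a relayed run would be
    caught, which needs a key-generating method and binding enforced in the tunnel."""
    if method_is_weak:
        return False
    return exports_key and binding_enforced


if __name__ == "__main__":
    # Constructed sample keys; a real run takes them from TLS and the inner method.
    tk, ik, tr = b"tls-tunnel-key", b"inner-method-msk", b"inner transcript"
    print("legitimate run accepted:", legitimate_run(ik, tk, tr))             # True
    print("relay caught (key-generating inner):", not relayed_run(ik, tk, tr))  # True
    print("relay undetected (no inner key):", relayed_run(b"", tk, tr))        # True
```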
How about changing the last paragraph to:

"The tunnel method MUST support protection of weak EAP methods. Cryptographic
protection from tunnel MitM attacks MUST be provided for all key generating
methods. In combination with an appropriate security policy this will thwart
MitM attacks against inner methods."

--
Ticket URL: <http://trac.tools.ietf.org/wg/emu/trac/ticket/8>
emu <http://tools.ietf.org/wg/emu/>

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu