Since they both use the same low-entropy password to perform their mutual authentication, it is not, strictly speaking, just the peer's credential.
  Dan.

On Wed, March 3, 2010 1:45 pm, Hoeper Katrin-QWKN37 wrote:
>
> See inline.
>
>> -----Original Message-----
>> From: Dan Harkins [mailto:dhark...@lounge.org]
>> Sent: Wednesday, March 03, 2010 3:39 PM
>> To: Hoeper Katrin-QWKN37
>> Cc: Dan Harkins; Joseph Salowey; emu@ietf.org
>> Subject: RE: [Emu] review of draft-ietf-emu-eaptunnel-req-04
>>
>>
>>   Hi Katrin,
>>
>> On Wed, March 3, 2010 12:31 pm, Hoeper Katrin-QWKN37 wrote:
>> > Dan,
>> >
>> > OK, I understand that the tunnel provides all these other feats.
>> >
>> > But why can't the server authenticate during the tunnel protocol? I
>> > still don't understand the use case for mutually anonymous tunnels.
>>
>>   Because it doesn't have the right credential.
>>
>> > If the server has a certificate why can't it send it to the peer before
>> > or during the tunnel establishment?
>>
>>   If the server has a certificate then sending it to the peer
>> would not really solve any problem. The peer would still need to
>> have a reason to trust it and we're back to the problem of putting
>> a trusted certificate in some certificate store. A global PKI to
>> solve all of our certificate issues still has not materialized.
>>
>> > If the peer and server share a secret, then this could be used to
>> > establish the tunnel.
>>
>>   If the peer and server share a secret they could use one of the PSK
>> ciphersuites for TLS but those are susceptible to a dictionary attack
>> and are therefore inappropriate.
>>
>>   The tunnel is being established with EAP-TLS so we are limited to
>> TLS ciphersuites and the authentication they provide. If a TLS ciphersuite
>> was appropriate always and everywhere then we would not need any other
>> EAP methods, we'd just do EAP-TLS. But that is not the case. Also it is
>> a requirement to tunnel additional EAP methods inside the tunnel so
>> obviously there are EAP methods that provide something that a TLS
>> ciphersuite does not.
>>
>> > What I am saying is what kind of server authentication credentials could
>> > be used inside an anonymous tunnel that could not be used to
>> > authenticate the server in the tunnel protocol? (given that privacy is
>> > not the issue)
>>
>>   A low-entropy password that can easily be remembered and entered by a
>> human with low probability of error.
>
> [KH] I asked what kind of SERVER credentials not peer credentials.
>
>>
>>   Dan.
>>
>
>

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu