I have no problemdocumenting why we do not do so as an example of privacy in sec cons -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Alan DeKok <al...@deployingradius.com> wrote: Sam Hartman wrote: > I'd like to take a step back and ask why you'd ever want to channel-bind > user-name in the first place? I guess the theory is that your EAP > method supports channel binding but does not have a well-defined concept > of peer ID or support identity protection/transporting method-specific > identity? I think that situation isn't widely used. > My proposal is that we stop recommending channel binding to user-name > rather than documenting the issues associated with doing so. I would document why channel binding User-Name is a bad idea. Or, why it's useful only in certain limited circumstances. Alan DeKok.
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
