>>>>> "zhou" == zhou sujing <[email protected]> writes:
zhou> 3. also in rfc 5247
zhou> TEKs are output from EAP methods and were designed to
zhou> secure the channel, couldn't they be used in channel binding
zhou> or crypto binding?
TEKs can and typically will be used for channel binding. Certainly the
work we've done in Moonshot for TTLS and the work proposed for TEAP
effectively uses a TEK (in RFC 5247's terminology) for channel binding.
TEKs are inappropriate for crypto binding because they are not exported
from an EAP method and so cannot be used to generate a compound key.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
