Hello,
another possible use case would a "home zone" feature in service
provider roaming scenarios: client sends information about which
authenticator it is connected to, auth server signals back whether this
is an authenticator which belongs to the user's own networking domain or
is roaming.
Gre
Hannes,
Another quick comment on the value derived by operators for deploying
channel bindings -- channel bindings will give operators the ability to
apply detailed authorization policies to EAP-based network access.
Right now EAP is primarily just an authentication facility, and
authorizatio
Hannes,
Thanks for the comments. I'm working on a revision that addresses the
"fuzzy comparison" issue. Certainly there's a cost to implementing
channel bindings. EAP methods already support carrying the information,
so the only changes would be to their implementations, which could be
don
