> "zhou" == zhou sujing writes:
zhou> To my understanding, right prior to finishing tunnel establishement,
EAP peer
zhou> and EAP Server(print server in the server insertion attack case)
should have
zhou> exchanged channel binding with integrity protection by key only known
to
> "Hao" == Hao Zhou writes:
Hao> Sam:
Hao> This is a well thought and well written draft, it covers a lot of
background
Hao> and aspect of the attacks and mitigations. However, I have few
comments:
Thanks!
You listed a set of drawbacks to EMSK-based crypto binding.
Hao> A.
> -Original Message-
> From: emu-boun...@ietf.org [mailto:emu-boun...@ietf.org] On Behalf Of
> Sam Hartman
> Sent: Thursday, June 28, 2012 11:06 AM
> To: zhou.suj...@zte.com.cn
> Cc: hartmans-i...@mit.edu; emu@ietf.org
> Subject: Re: [Emu] on draft-hartman-emu-mutual-crypto-bind-00
>
> >
> "Jim" == Jim Schaad writes:
Before the outer MSK has been computed, yes.
Before the inner MSK (the one you need to attack crypto binding) has
been computed no.
Also, note that the RADIUS server only knows about the inner method, so
it will transport the inner MSK as soon as it believes the
