Re: [Emu] Working Group Last Call for draft-ietf-emu-chbind-04.txt (part 3)
"Hoeper Katrin-QWKN37" <khoeper@motorola.com> Tue, 02 March 2010 17:12 UTC
Return-Path: <khoeper@motorola.com>
X-Original-To: emu@core3.amsl.com
Delivered-To: emu@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 74E0E28C1CE for <emu@core3.amsl.com>; Tue, 2 Mar 2010 09:12:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.125
X-Spam-Level:
X-Spam-Status: No, score=-6.125 tagged_above=-999 required=5 tests=[AWL=-0.474, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, SARE_SUB_ENC_WIN1255=0.647]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5EesbJ++K0JY for <emu@core3.amsl.com>; Tue, 2 Mar 2010 09:12:37 -0800 (PST)
Received: from mail153.messagelabs.com (mail153.messagelabs.com [216.82.253.51]) by core3.amsl.com (Postfix) with ESMTP id B25383A8B9D for <emu@ietf.org>; Tue, 2 Mar 2010 09:12:37 -0800 (PST)
X-VirusChecked: Checked
X-Env-Sender: khoeper@motorola.com
X-Msg-Ref: server-6.tower-153.messagelabs.com!1267549957!7533320!1
X-StarScan-Version: 6.2.4; banners=-,-,-
X-Originating-IP: [136.182.1.13]
Received: (qmail 17768 invoked from network); 2 Mar 2010 17:12:37 -0000
Received: from motgate3.mot.com (HELO motgate3.mot.com) (136.182.1.13) by server-6.tower-153.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 2 Mar 2010 17:12:37 -0000
Received: from il27exr04.cig.mot.com ([10.17.196.73]) by motgate3.mot.com (8.14.3/8.14.3) with ESMTP id o22HCbxs003000 for <emu@ietf.org>; Tue, 2 Mar 2010 10:12:37 -0700 (MST)
Received: from il27vts01 (il27vts01.cig.mot.com [10.17.196.85]) by il27exr04.cig.mot.com (8.13.1/Vontu) with SMTP id o22HCav7006810 for <emu@ietf.org>; Tue, 2 Mar 2010 11:12:36 -0600 (CST)
Received: from de01exm68.ds.mot.com (de01exm68.am.mot.com [10.176.8.24]) by il27exr04.cig.mot.com (8.13.1/8.13.0) with ESMTP id o22HCXVY006798 for <emu@ietf.org>; Tue, 2 Mar 2010 11:12:33 -0600 (CST)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CABA2B.7F9F7D01"
Date: Tue, 02 Mar 2010 12:12:12 -0500
Message-ID: <3A241A6B234BE948B8B474D261FEBC2F07239E91@de01exm68.ds.mot.com>
In-Reply-To: <BLU137-W224800D5E4F025B20DA32A938F0@phx.gbl>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Emu] Working Group Last Call for draft-ietf-emu-chbind-04.txt (part 3)
Thread-Index: Acp30Fal0U342+rxThqm/T2sK0lgfxCWcGww
References: <BLU137-W224800D5E4F025B20DA32A938F0@phx.gbl>
From: Hoeper Katrin-QWKN37 <khoeper@motorola.com>
To: Bernard Aboba <bernard_aboba@hotmail.com>, emu@ietf.org
X-CFilter-Loop: Reflected
Subject: Re: [Emu] Working Group Last Call for draft-ietf-emu-chbind-04.txt (part 3)
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Mar 2010 17:12:39 -0000
Bernard, All, Comments inline. ________________________________ From: emu-bounces@ietf.org [mailto:emu-bounces@ietf.org] On Behalf Of Bernard Aboba Sent: Tuesday, December 08, 2009 12:33 AM To: emu@ietf.org Subject: Re: [Emu] Working Group Last Call for draft-ietf-emu-chbind-04.txt (part 3) Section 9.2 Additional network entities (such as proxies) might be on the communication path between peer and server and may attempt to manipulate the channel binding protocol. If these entities do not possess the keying material used for integrity protection of the channel binding messages, the same threat analysis applies as for the dishonest authenticators. Hence, such entities can neither manipulate single channel binding messages nor the outcome. On the other hand, entities with access to the keying material must be treated like a server in a threat analysis. Hence such entities are able to manipulate the channel binding protocol without being detected. However, the required knowledge of keying material is unlikely since channel binding is executed before the EAP method is completed, and thus before keying material is typically transported to other entities. [BA] Unless the transient EAP keys used for integrity protection are derivable from the MSK, possession of the MSK would not be sufficient to enable an authenticator to modify the channel bindings. As a result, the only entities relevant to the threat analysis are those that possess the TEKs, not just those that possess the MSK or other derived keys. [KH] I assume you have a problem with the last sentence that suggests that integrity protected keys are derived from the MSK. The rest of the paragraph talks very generally about “keying material used for integrity-protection”. For this reason I suggest changing the last sentence to “However, the required knowledge of keying material is unlikely even if the keys are derived from the MSK because channel binding is executed before the EAP method is completed, and thus before the MSK is transported to other entities.” <http://im.live.com/Messenger/IM/Home/?source=EML_WLHM_GreaterGood>
- Re: [Emu] Working Group Last Call for draft-ietf-… Bernard Aboba
- Re: [Emu] Working Group Last Call for draft-ietf-… Hoeper Katrin-QWKN37