On Sat, Apr 07, 2007 at 04:44:54PM -0400, Charles Clancy wrote:
> This is one of the fundamental issues with EAP channel bindings. The
> NAS ID is bound to the AAA security association between the
> authenticator and the EAP server. The MAC address is visible to the
> client. Thus the peer and EAP server each know a different identity for
> the authenticator. Whatever identity is used must be channel-bound to
> the AAA security association, otherwise the authenticator could lie to
> the EAP server about its identity.
>
> I see two solutions:
>
> 1. The NAS ID is broadcast to the peer before EAP authentication (e.g.
> in an 802.11 beacon)

This is something that IEEE 802.11r/D5.0 is doing. R0KH-ID is set to the
identity of the NAS Client (e.g., NAS-Identifier if RADIUS is used as the
backend protocol) and this identifier is sent to the peer during
association (before EAP authentication). In addition, both the R0KH-ID
(NAS-Identifier) and R1KH-ID (authenticator MAC address) are mixed into
the key derivation after the EAP authentication.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
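The following is an added example, not code from either message above nor from any 802.11r implementation. It models the channel-binding argument in the reply: the peer derives its FT keys from the R0KH-ID it was shown during association, while the EAP server derives them from the NAS-Identifier of the AAA security association. If the authenticator advertises one identity to the peer and another to the server, the two sides end up with different PMK-R0 (and hence PMK-R1 and PTK), and the 4-way handshake MIC check fails. The KDF, labels and context layout follow the shape of the published IEEE 802.11r key hierarchy, but the MIC construction, the message body and all key/identity values are constructed for illustration; this is not a conformance-grade implementation of the draft discussed.

```python
"""Added example: binding R0KH-ID and R1KH-ID into the FT key hierarchy.

Not code from the mailing-list thread.  The KDF and context layout mirror
the general shape of the published 802.11r key hierarchy; the MIC and the
handshake message are simplified stand-ins, and every input is constructed.
"""
import hashlib
import hmac
import struct


def kdf(key: bytes, label: bytes, context: bytes, length_bits: int) -> bytes:
    """802.11-style KDF-Hash-Length in HMAC-SHA-256 counter mode.

    Each block is HMAC(key, i || label || context || Length), with the
    16-bit counter i and the 16-bit Length encoded little-endian.
    """
    out = b""
    i = 1
    while len(out) * 8 < length_bits:
        msg = struct.pack("<H", i) + label + context + struct.pack("<H", length_bits)
        out += hmac.new(key, msg, hashlib.sha256).digest()
        i += 1
    return out[: length_bits // 8]


def derive_pmk_r0(xxkey: bytes, ssid: bytes, mdid: bytes,
                  r0kh_id: bytes, s0kh_id: bytes) -> bytes:
    """PMK-R0: the NAS identity (R0KH-ID) is part of the KDF context."""
    ctx = (bytes([len(ssid)]) + ssid + mdid
           + bytes([len(r0kh_id)]) + r0kh_id + s0kh_id)
    # First 256 bits are PMK-R0; the rest is the PMKR0Name salt (unused here).
    return kdf(xxkey, b"FT-R0", ctx, 384)[:32]


def derive_pmk_r1(pmk_r0: bytes, r1kh_id: bytes, s1kh_id: bytes) -> bytes:
    """PMK-R1: the authenticator MAC (R1KH-ID) is part of the KDF context."""
    return kdf(pmk_r0, b"FT-R1", r1kh_id + s1kh_id, 256)


def derive_kck(pmk_r1: bytes, snonce: bytes, anonce: bytes,
               bssid: bytes, sta_addr: bytes) -> bytes:
    """First 128 bits of the FT PTK serve as the KCK that MICs the handshake."""
    return kdf(pmk_r1, b"FT-PTK", snonce + anonce + bssid + sta_addr, 384)[:16]


def handshake_mic(kck: bytes, body: bytes) -> bytes:
    """Simplified EAPOL-Key MIC (HMAC-SHA-256 truncated to 128 bits)."""
    return hmac.new(kck, body, hashlib.sha256).digest()[:16]


def four_way_handshake_succeeds(xxkey: bytes, ssid: bytes, mdid: bytes,
                                advertised_r0kh_id: bytes, aaa_nas_id: bytes,
                                ap_mac: bytes, sta_mac: bytes,
                                snonce: bytes, anonce: bytes) -> bool:
    """True iff the peer's MIC check on the authenticator's message passes.

    Peer side: PMK-R0 from the R0KH-ID it saw during association.
    Server side: PMK-R0 from the NAS-Identifier of the AAA association,
    handed to the R0KH, which derives PMK-R1 for this authenticator MAC.
    """
    sta_pmk_r0 = derive_pmk_r0(xxkey, ssid, mdid, advertised_r0kh_id, sta_mac)
    sta_kck = derive_kck(derive_pmk_r1(sta_pmk_r0, ap_mac, sta_mac),
                         snonce, anonce, ap_mac, sta_mac)

    srv_pmk_r0 = derive_pmk_r0(xxkey, ssid, mdid, aaa_nas_id, sta_mac)
    ap_kck = derive_kck(derive_pmk_r1(srv_pmk_r0, ap_mac, sta_mac),
                        snonce, anonce, ap_mac, sta_mac)

    msg3 = b"EAPOL-Key msg3 (constructed body)" + anonce
    return hmac.compare_digest(handshake_mic(ap_kck, msg3),
                               handshake_mic(sta_kck, msg3))


# Constructed demo values (hypothetical identities and keys).
XXKEY = bytes(range(32))                 # stands in for the MSK-derived XXKey
SSID, MDID = b"corp-wlan", b"\x01\x02"
NAS_ID = b"wlc-01.example.net"           # NAS-Identifier in the RADIUS association
AP_MAC = bytes.fromhex("001122334455")   # R1KH-ID
STA_MAC = bytes.fromhex("66778899aabb")  # S0KH-ID / S1KH-ID
SNONCE, ANONCE = bytes([0x11]) * 32, bytes([0x22]) * 32


def honest_ap() -> bool:
    return four_way_handshake_succeeds(XXKEY, SSID, MDID, NAS_ID, NAS_ID,
                                       AP_MAC, STA_MAC, SNONCE, ANONCE)


def lying_ap() -> bool:
    # Authenticator advertises a different R0KH-ID to the peer than the
    # identity it authenticated with toward the EAP server.
    return four_way_handshake_succeeds(XXKEY, SSID, MDID, b"rogue-nas",
                                       NAS_ID, AP_MAC, STA_MAC, SNONCE, ANONCE)


if __name__ == "__main__":
    print("honest authenticator, handshake ok:", honest_ap())
    print("lying authenticator, handshake ok:", lying_ap())
```

The point the model makes is that neither side has to compare identities explicitly: because the identity each side believes in is an input to the KDF, a discrepancy surfaces as a key mismatch, which the existing handshake integrity check already detects.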