Lakshminath Dondeti <> scribbled on Sunday, February 03, 2008 1:30 PM: ... > There was also the issue of not being able to export EAP session IDs > (IIRC) that I referred to in my other message. Hmmm. draft-ietf-eap-keying-22.txt says EAP methods supporting key derivation and mutual authentication SHOULD export a method-specific EAP conversation identifier known as the Session-Id, as well as one or more method-specific peer identifiers (Peer-Id(s)) and MAY export one or more method-specific server identifiers (Server-Id(s)). EAP methods MAY also support the import and export of channel binding parameters. EAP method specifications developed after the publication of this document MUST define the Peer-Id, Server-Id and Session-Id. The Peer-Id(s) and Server-Id(s), when provided, identify the entities involved in generating EAP keying material. For existing EAP methods the Peer-Id, Server-Id and Session-Id are defined in Appendix A. Not sure where the "can't export session IDs" idea came from, but the above would seem to contradict it. ... _______________________________________________ Ietf@xxxxxxxx http://www.ietf.org/mailman/listinfo/ietf