[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [eap] RE: [Isms] RADIUS is not a trusted third party

To: "Blumenthal, Uri" <uri.blumenthal@intel.com>, <gwz@cisco.com>, "Bernard Aboba" <aboba@internaut.com>
Subject: RE: [eap] RE: [Isms] RADIUS is not a trusted third party
From: "Nelson, David" <dnelson@enterasys.com>
Date: Tue, 26 Apr 2005 15:03:33 -0400
Cc: <radiusext@ops.ietf.org>, <eap@frascone.com>, <isms@ietf.org>

Uri Blumenthal writes...

> I consider EAP server running inside AAA server. If others
> (besides Glen and Bernard) on this list disagree with this perception
-
> I invite them to speak up please.

I agree that is most often the case, in practice.  The EAP server is
packaged as part of the RADIUS or Diameter server software distribution.


From a protocol definition perspective, however, the EAP server and AAA
server are distinct entities.  Any interaction (API) between these
entities is outside the scope of the EAP, RADIUS or Diameter RFCs. Any
security analysis of those protocols cannot take into account the AAA
server to EAP server API, as it is implementation specific.



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Issue 83: CUI and re-authentication
Next by Date: RE: [eap] RE: [Isms] RADIUS is not a trusted third party
Previous by thread: RE: [eap] RE: [Isms] RADIUS is not a trusted third party
Next by thread: RE: [eap] RE: [Isms] RADIUS is not a trusted third party
Index(es):
- Date
- Thread