[Standards] IETF SASL WG meeting
Tony Finch
dot at dotat.at
Tue Dec 11 05:05:31 CST 2007
On Mon, 10 Dec 2007, Justin Karneges wrote:
>
> It might be cool to for Bob to cryptographically "prove" that Alice is aware
> that she is talking to him, but does that have much of a practical benefit?
Channel binding is a generic technique, so the privacy layer doesn't have
to be TLS - it might be BTNS IPSEC. The point is it allows you to decouple
authentication from privacy without allowing MITM attacks. Yes, this is
slightly redundant in the case of TLS, but it's a small cost relative to
the improved versatility of SASL.
Tony.
--
f.a.n.finch <dot at dotat.at> http://dotat.at/
HUMBER THAMES DOVER WIGHT: NORTH 5 OR 6, OCCASIONALLY 7 AT FIRST, BECOMING
VARIABLE 3 OR 4. MODERATE OR ROUGH BECOMING SLIGHT OR MODERATE. SHOWERS THEN
FAIR. GOOD.
More information about the Standards
mailing list