[Standards] IETF SASL WG meeting
Greg Hudson
ghudson at MIT.EDU
Tue Dec 11 11:15:31 CST 2007
On Mon, 2007-12-10 at 10:20 -0800, Justin Karneges wrote:
> I don't understand this talk about the SASL negotiation being attacked by a
> MITM when it is taking place over TLS. There is brief mention of Bob
> possibly not having a certificate or Alice not trusting Bob's CA. Does this
> mean the channel binding problem only affects anonymous/unauthenticated TLS?
It strengthens your security properties in cases where you trust your
SASL authentication mechanism more than you trust the TLS authentication
mechanism.
If you trust TLS to authenticate the server to the client, then I
believe you can do client-to-server authentication without any form of
channel binding and you're fine.
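To make the point concrete, here is an added toy model (constructed for this page, not code from the thread or from any SASL implementation). It simulates a password-proof mechanism run over TLS, once without and once with a channel-binding value mixed into the proof, and models the situation Greg describes: the client trusts its SASL credentials but the TLS server authentication is weak, so an attacker can terminate the client's TLS session and open a separate session to the real server. The random per-session `binding` value stands in for a real TLS channel-binding value; the mechanism, nonce handling and password are all assumptions for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed shared secret; a real mechanism would use a salted verifier.
PASSWORD = b"correct horse battery staple"


def client_proof(password: bytes, server_nonce: bytes,
                 channel_binding: Optional[bytes]) -> bytes:
    """Client side: HMAC over the server nonce and, when channel binding is
    in use, the binding value of the TLS session the client believes it is on."""
    msg = server_nonce + (channel_binding or b"")
    return hmac.new(password, msg, hashlib.sha256).digest()


def server_verify(password: bytes, server_nonce: bytes,
                  channel_binding: Optional[bytes], proof: bytes) -> bool:
    """Server side: recompute the proof with the binding value of the session
    the server actually received it on."""
    expected = client_proof(password, server_nonce, channel_binding)
    return hmac.compare_digest(expected, proof)


class TlsSession:
    """Stand-in for one TLS connection. The binding value is a property of the
    individual session, so two distinct sessions have distinct values."""

    def __init__(self) -> None:
        self.binding = os.urandom(32)


def run_honest_login(use_channel_binding: bool) -> bool:
    """Client and server share one TLS session; the proof should verify."""
    session = TlsSession()
    nonce = os.urandom(16)
    cb = session.binding if use_channel_binding else None
    proof = client_proof(PASSWORD, nonce, cb)
    return server_verify(PASSWORD, nonce, cb, proof)


def run_relay(use_channel_binding: bool) -> bool:
    """An active party sits between client and server with two separate TLS
    sessions (possible when the client does not really authenticate the
    server's certificate). It forwards the SASL messages unchanged and never
    learns the password. Returns True if the real server accepts the proof."""
    client_side = TlsSession()   # client <-> relay
    server_side = TlsSession()   # relay <-> real server
    nonce = os.urandom(16)       # real server's nonce, forwarded to the client
    client_cb = client_side.binding if use_channel_binding else None
    server_cb = server_side.binding if use_channel_binding else None
    proof = client_proof(PASSWORD, nonce, client_cb)
    # The relay forwards the proof verbatim over its own session.
    return server_verify(PASSWORD, nonce, server_cb, proof)


if __name__ == "__main__":
    print("honest, no binding:", run_honest_login(False))
    print("honest, with binding:", run_honest_login(True))
    print("relayed, no binding:", run_relay(False))
    print("relayed, with binding:", run_relay(True))
```

The honest logins succeed either way; the relayed proof is accepted without channel binding and rejected with it, because the client's proof covers the binding value of its own session and the server checks against a different one. That is the extra property channel binding buys when SASL is trusted more than the TLS server authentication; when the client already verifies the server's certificate properly, the relay cannot be set up in the first place, which is the second case in the reply above.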