Re: security paper on tunneled authentication
2010-09-01 02:31:29 GMT
I agree w/Bernard. It is never too late to fix a broken document.
Hope this helps.
emu-bounces <at> ietf.org [mailto:emu-bounces <at> ietf.org] On Behalf Of Bernard
Sent: Tuesday, August 31, 2010 10:48 PM
To: emu <at> ietf.org
Subject: Re: [Emu] security paper on tunneled authentication
Katrina Hoeper said:
"Unfortunately, it seems to be too late to reference the analysis in the tunnel requirement draft, but I hope that some people still might find it interesting."
[BA] The paper represents the most comprehensive analysis of tunneled authentication security to date, and brings into question a number of assumptions that have been made as to how MITM in the middle attacks can be mitigated. In looking over the tunnel requirements document, there are only a few places where the issue of MITM attacks is discussed, so if you believe there are changes that need to be made, you should go ahead and propose them.
_______________________________________________ Emu mailing list Emu <at> ietf.org https://www.ietf.org/mailman/listinfo/emu