"Joseph Salowey" <jsalowey%cisco.com@localhost> writes:

Hi Joseph and Jeff,

> Okay, you reminded me of all the reasons why I don't like GSSAPI channel
> bindings. My only issue with MIC is that it might add an extra round
> trip. I think that this is outweighed by the fact that MIC would
> probably lead to more consistent implementations.
>
> In any case I agree that we do not want to bind addresses.

I'm fine with that: using GSS_C_AF_NULLADDRs and stuffing the session identifier in the application_data fields (the latter is what CCM proposes) would work for all mechs that have working channel bindings and would save you from the extra round trip. But then, channel bindings are useless (for ssh gssuserauth) because they are optional for the gss mechs.

If the MIC is sent with the last gss exchange packet, you would have 0 or 1 extra packets: 0 in the case where the last exchange packet is from the client and 1 when the last exchange packet is from the server. So I would argue that it's not an extra round trip, but rather none (with more data) or a half.

I would very much like to see mutual auth in the gss userauth layer, but sending MIC from client to server is OK with me.

Love
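An added illustration of the two points made above (not code from the thread or from any SSH implementation): a client MIC that covers the SSH session identifier, and a count of how many packets the MIC costs depending on whether the client or the server sends the last context token. The MIC data layout is modelled on what RFC 4462 later adopted for gssapi-with-mic, HMAC stands in for gss_get_mic(), and the key, session identifier, user name and token counts are all constructed values.

```python
import hashlib
import hmac
import struct

SSH_MSG_USERAUTH_REQUEST = 50


def ssh_string(b: bytes) -> bytes:
    """SSH wire 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def mic_data(session_id: bytes, user: bytes, service: bytes) -> bytes:
    """Bytes the client's MIC covers. Putting the session identifier first binds the
    userauth to this SSH connection; the field layout is an assumption of this example
    (modelled on RFC 4462), not something the thread specifies."""
    return (ssh_string(session_id) + bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user) + ssh_string(service) + ssh_string(b"gssapi-with-mic"))


def get_mic(ctx_key: bytes, data: bytes) -> bytes:
    """Stand-in for gss_get_mic(): HMAC under the established context key."""
    return hmac.new(ctx_key, data, hashlib.sha256).digest()


def verify_mic(ctx_key: bytes, data: bytes, mic: bytes) -> bool:
    """Stand-in for gss_verify_mic(); constant-time comparison."""
    return hmac.compare_digest(get_mic(ctx_key, data), mic)


def userauth_exchange(n_context_tokens: int, ctx_key: bytes, session_id: bytes):
    """Model the GSS userauth flow: context tokens alternate client/server, client first.
    If the client sends the last token the MIC rides on it (0 extra packets); if the
    server does, the client needs one more packet (1 extra). Returns (packets, mic, extra)."""
    packets = []
    mic = get_mic(ctx_key, mic_data(session_id, b"alice", b"ssh-connection"))
    for i in range(n_context_tokens):
        sender = "client" if i % 2 == 0 else "server"
        packets.append((sender, f"context-token-{i + 1}"))
    if packets[-1][0] == "client":
        packets[-1] = ("client", packets[-1][1] + "+mic")   # piggybacked, no extra packet
    else:
        packets.append(("client", "mic"))                   # half a round trip
    extra = len(packets) - n_context_tokens
    return packets, mic, extra
```

The verify step also shows why the session identifier belongs in the MIC data: the same MIC fails to verify against any other connection's identifier.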