Nicolas Williams <Nicolas.Williams%sun.com@localhost> writes:

>> It could do that. I wonder if it would work. I am sufficiently
>> uncomfortable with GSS channel bindings to refrain from recommending
>> their use until CCM becomes much more mature.
>
> Why are you uncomfortable with GSS channel bindings? We know that they
> work, from experience, where they are supported. The lack of support
> for channel bindings across the board is definitely one good reason to
> be uncomfortable with using that facility to tackle this problem.

How about adding a boolean flag to the GSS exchange that the client sets to tell the server it used bindings? This way we don't need to require channel bindings today, and servers can be configured to accept a GSS exchange that doesn't support integrity but does use channel binding.

There is the issue of how the server tells the client it needs to use channel bindings for the mech it just tried, but I'm sure that can be solved.

Love
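The flag-plus-bindings acceptor policy sketched in the message above, as an added example that is not part of the thread or of any GSS implementation. The Bnd checksum follows RFC 1964 section 4.1.1.2 (MD5 over the channel-binding structure with little-endian 4-byte type and length fields, 16 zero bytes when the initiator supplies GSS_C_NO_CHANNEL_BINDINGS), which RFC 4121 carries forward. Everything else is assumed for illustration: the `used_bindings` boolean is the hypothetical flag proposed here and is not part of any existing token format, `integrity` stands in for whatever the mechanism negotiated, and the tls-unique values are constructed rather than taken from a real TLS session.

```python
import hashlib
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# Address type meaning "no address", from the GSS-API C bindings (RFC 2744).
GSS_C_AF_NULLADDR = 0


@dataclass
class ChannelBindings:
    """Mirror of the gss_channel_bindings_t structure of RFC 2744."""
    initiator_addrtype: int = GSS_C_AF_NULLADDR
    initiator_address: bytes = b""
    acceptor_addrtype: int = GSS_C_AF_NULLADDR
    acceptor_address: bytes = b""
    application_data: bytes = b""


def bnd_checksum(cb: Optional[ChannelBindings]) -> bytes:
    """Bnd field of the Kerberos GSS mechanism (RFC 1964 section 4.1.1.2):
    MD5 over the channel-binding fields, with each address type and each
    length encoded as a 4-byte little-endian integer. No bindings
    (GSS_C_NO_CHANNEL_BINDINGS) is represented as 16 zero bytes."""
    if cb is None:
        return bytes(16)
    buf = b"".join([
        struct.pack("<I", cb.initiator_addrtype),
        struct.pack("<I", len(cb.initiator_address)), cb.initiator_address,
        struct.pack("<I", cb.acceptor_addrtype),
        struct.pack("<I", len(cb.acceptor_address)), cb.acceptor_address,
        struct.pack("<I", len(cb.application_data)), cb.application_data,
    ])
    return hashlib.md5(buf).digest()


def tls_bindings(tls_unique: bytes) -> ChannelBindings:
    """Binding to a TLS channel in the RFC 5056 style: the channel's unique
    value goes in application_data and the address fields stay null."""
    return ChannelBindings(application_data=tls_unique)


@dataclass
class InitiatorToken:
    """What the acceptor gets to see. `used_bindings` is the hypothetical
    boolean flag from the proposal, not an existing token field;
    `integrity` stands for whether the mech negotiated integrity."""
    bnd: bytes
    used_bindings: bool
    integrity: bool


def make_initiator_token(client_cb: Optional[ChannelBindings],
                         integrity: bool) -> InitiatorToken:
    return InitiatorToken(bnd=bnd_checksum(client_cb),
                          used_bindings=client_cb is not None,
                          integrity=integrity)


def acceptor_decision(token: InitiatorToken, server_cb: ChannelBindings,
                      allow_bindings_without_integrity: bool = True
                      ) -> Tuple[bool, str]:
    """Acceptor policy from the proposal: a context without integrity is
    acceptable only if the client says it used bindings and they match
    the channel the acceptor itself is on."""
    expected = bnd_checksum(server_cb)
    if token.used_bindings and token.bnd != expected:
        # The client bound to some other channel: the token was relayed.
        return False, "channel binding mismatch"
    if token.integrity:
        return True, "integrity-protected context"
    if token.used_bindings and allow_bindings_without_integrity:
        return True, "no integrity, but bound to this channel"
    return False, "neither integrity nor channel binding"


if __name__ == "__main__":
    # Constructed sample tls-unique values; real ones come from the TLS layer.
    client_tls = bytes.fromhex("0011223344556677889900aabb")
    attacker_tls = bytes.fromhex("ffeeddccbbaa99887766554433")

    # Honest client, no integrity, same channel as the server sees: accepted.
    tok = make_initiator_token(tls_bindings(client_tls), integrity=False)
    print(acceptor_decision(tok, tls_bindings(client_tls)))

    # Same token relayed by a man in the middle over its own TLS session
    # to the server: the Bnd no longer matches, so it is rejected.
    print(acceptor_decision(tok, tls_bindings(attacker_tls)))

    # Client did not bind and the mech gives no integrity: policy rejects.
    print(acceptor_decision(make_initiator_token(None, integrity=False),
                            tls_bindings(client_tls)))
```

The explicit flag matters because Kerberos acceptors commonly treat an all-zero Bnd as "the initiator supplied no bindings" and let the context through rather than failing it as a mismatch; without the flag the server cannot tell a client that deliberately bound to the channel from one that simply never tried.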