[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What am I waiting on for gs2?
On Thu, Dec 20, 2007 at 09:59:35AM -0600, Nicolas Williams wrote:
> I'd rather see that bit in the client/server's second wrap token, yes.
We almost already have it. Since the last wrap token carries the
selected security layer, and that selection is derived from channel
binding success/failure. Of course, if a given mechanism does not
support confidentiality protection but the underlying channel does and
channel binding failes then we need a way to signal this. So, yes, I
think we need one more bit in the client/server's last wrap token for
this.