BIND 10 #246: Bindctl: Create cryptographic binding between tunnelling protocol and authentication protocol to avoid MITM attacks
BIND 10 Development
do-not-reply at isc.org
Fri Jun 18 02:53:47 UTC 2010
#246: Bindctl: Create cryptographic binding between tunnelling protocol and
authentication protocol to avoid MITM attacks
-------------------------+--------------------------------------------------
Reporter: zhanglikun | Owner: zhanglikun
Type: enhancement | Status: new
Priority: major | Milestone:
Component: bind-ctl | Keywords:
Sensitive: 0 |
-------------------------+--------------------------------------------------
This ticket was generated by the idea provided by Francis in his reply to
email "[bind10-dev] Security Mechanism for Cmdctl and Bindctl".
Currently the password is sent in plaintext from bindctl to cmdctl, and
this was thought as one bad idea.
Some documents about MITM attacks:
the draft explaining the issue for PEAP and TTLS is not well known.
(it is draft-puthenkulam-eap-binding-01.txt)
Google gives another ref: http://eprint.iacr.org/2002/163.pdf
--
Ticket URL: <https://bind10.isc.org/ticket/246>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list