Issue 254: Key Lifetime Issues
From: Bernard Aboba (aboba
Date: Sat, 21 Aug 2004 16:47:08 -0400 (EDT)

Issue 254: Key Lifetime Issues

Submitter name: Bernard Aboba
Submitter email address: aboba [at] internaut.com
Date first submitted: 8/8/2004
Reference:
Document: Keying-03
Comment type: T
Priority: S
Section: 2.3

Rationale/Explanation of issue

The Key Lifetime section does not address several issues:

* Re-key. Section 2.3 should discuss the distinction between re-key and
  re-authentication. EAP does not support rekey without re-authentication
  for the exported keys: MSK, EMSK, IV. However, the Secure Association
  Protocol may support rekey of the TSKs without re-authentication.

* Caching. Section 2.3 should discuss the potential implications of key
  caching, for each type of key. Caching of exported keys varies between
  lower layers, and as a result, EAP or EAP methods do not negotiate the
  lifetime of exported keys. However, even lower layers that support
  caching do not negotiate the exported key lifetime between the peer and
  authenticator. Section 2.3 should lay out the potential options for
  cache synchronization and analyze the pros and cons.