Key Naming
From: Hannes Tschofenig (hannestschofenighotmail.com)
Date: Wed, 10 Nov 2004 09:29:10 -0500 (EST)
hi all,

i took a look at the most recent version of the keying framework document [3]. i had to notice that an important concept of the document is not clearly described.

this term has caused a lot of confusion in the past.

i got the impression that people use it for three purposes:

a) include the identities of the participating entities in the key derivation function

some text snippets in the current eap keying framework draft [3] give the impression that the concept of key naming refers to this issue.

b) include the identities of the participating entities in the messages

this aspect is mentioned in [1] and recently came up in the context of mikey.

c) information used to select a security association


with regard to (c) two issues arise:


1) how do you select the correct security association (and consequently the correct key) for an outbound message (could be data traffic or signaling traffic)?

this aspect is interesting in the context of mobility, several concurrent sessions, rekeying etc.

2) how do you select the correct security association for an inbound message?

rfc 2401 does not directly differentiate inbound and outbound processing:

rfc 2401, section says:

"A security association is uniquely identified by a triple consisting of a Security Parameter Index (SPI), an IP Destination Address, and a security protocol (AH or ESP) identifier."

this definition obviously only helps for the inbound direction but obviously not for the outbound direction.

this raises a few questions:

- what is meant by key naming?

- why was it necessary to introduce a new term?

- can we change the terminology or should we define/reuse/change a term?

i would therefore suggest providing a clarification and changing the terminology of the concept "key naming". if the concept of (c) has to be used then i would rather change it to something like "key index" or talk about the unique selection of a security association.

ciao
hannes




[1] M. Abadi and R. Needham: "Prudent engineering practice for cryptographic protocols", IEEE Transactions on Software Engineering, 22(1):6--15, 1996.

[2] H. Tschofenig: "[Pana] EAP keying issues and PANA", 27 Dec 2003, available at PANA mailing list at http://www1.ietf.org/mail-archive/web/pana/current/msg00299.html.
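As an added illustration of point (c) and the rfc 2401 quote above (example code, not part of Hannes's message or of any IETF document), the toy security-association database below indexes inbound SAs by the (SPI, destination, protocol) triple and shows that outbound selection needs a different index, here a traffic selector plus a "prefer the newest SA" rule for the rekeying case. Class, field and function names are assumptions chosen for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Toy model, constructed for illustration; names are assumptions, not
# terminology taken from RFC 2401 or the EAP keying framework draft.
@dataclass(frozen=True)
class SA:
    spi: int
    dst: str          # IP destination address of the protected traffic
    proto: str        # "AH" or "ESP"
    key_id: str       # label for the key material bound to this SA
    established: int  # monotonically increasing creation counter

@dataclass
class SADatabase:
    local: str
    # Inbound SAs, keyed by the RFC 2401 triple (SPI, destination, protocol):
    # the receiver reads all three from the packet, so the lookup is direct.
    inbound: Dict[Tuple[int, str, str], SA] = field(default_factory=dict)
    # Outbound SAs, grouped by a (src, dst) traffic selector: the sender has
    # no SPI yet, so the triple cannot be formed and another index is needed.
    outbound: Dict[Tuple[str, str], List[SA]] = field(default_factory=dict)

    def add_inbound(self, sa: SA) -> None:
        assert sa.dst == self.local, "inbound SA must terminate at this host"
        self.inbound[(sa.spi, sa.dst, sa.proto)] = sa

    def add_outbound(self, sa: SA) -> None:
        self.outbound.setdefault((self.local, sa.dst), []).append(sa)

    def lookup_inbound(self, spi: int, dst: str, proto: str) -> Optional[SA]:
        return self.inbound.get((spi, dst, proto))

    def select_outbound(self, dst: str) -> Optional[SA]:
        candidates = self.outbound.get((self.local, dst), [])
        # Policy decision outside the triple: after rekeying several SAs may
        # cover the same selector; prefer the most recently established one.
        return max(candidates, key=lambda s: s.established, default=None)

def demo() -> Tuple[str, str, str]:
    db = SADatabase(local="192.0.2.1")          # constructed addresses
    peer = "192.0.2.2"
    db.add_inbound(SA(0x1001, "192.0.2.1", "ESP", "k-in-old", 1))
    db.add_inbound(SA(0x1003, "192.0.2.1", "ESP", "k-in-new", 3))
    db.add_outbound(SA(0x2002, peer, "ESP", "k-out-old", 2))
    db.add_outbound(SA(0x2004, peer, "ESP", "k-out-new", 4))
    old_in = db.lookup_inbound(0x1001, "192.0.2.1", "ESP")  # still resolvable
    unknown = db.lookup_inbound(0x1001, "192.0.2.1", "AH")  # wrong protocol: no SA
    out = db.select_outbound(peer)                          # newest SA wins
    return old_in.key_id, "none" if unknown is None else unknown.key_id, out.key_id
```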



