Re: Re: EAP Key Binding
From: Dorothy Stanley (dstanleyagere.com)
Date: Mon, 18 Apr 2005 11:02:27 -0400 (EDT)
In November, TGr was not ready to approve 04/1498. I think TGr as a whole
had not spent enough time with the doc, and wasn't comfortable with the
content. A draft 04/1498 was enough for the EAP WG to start with, as a rather large "comment" on the
Keying Framework document. I agree it's time to discuss 04/1498 in TGr again.

A (final) 04/1498-compliant TGr solution will also address an outstanding liaison action item, the
"authenticator identity issue", that was raised in CAPWAP discussions:

The centralized model encourages AC implementations to use one PMK for many different WTPs. 
This practice facilitates speedy transition by a station from one WTP to another
WTP that is connected to the same AC without establishing a separate PMK. 
However, this leaves the station in a difficult position.  The station cannot
distinguish between a compromised PMK and one that is intentionally being shared.
This issue must be resolved, but the resolution is beyond the scope of the CAPWAP working group.


Dorothy

Walker, Jesse wrote:
[Walker, Jesse] If you recall, I prepared a requirements document
11-04-1498 that we discussed at the November 2004 IEEE 802 meeting in
San Antonio. At the time you indicated you did not think it was
necessary for IEEE to forward such a document to IETF.

My understanding was that IEEE 802.11 did not vote to approve the
requirements document, so that it had no official status.

[Walker, Jesse] Right. How I recollect the discussion was that you did
not think we needed to create an official response, so I did not ask for
a vote.
  
-- 
----------------
Dorothy Stanley
Agere Systems
2000 North Naperville Rd. 
Naperville, IL 60566
630-979-1572 (Phone, Fax)
630-222-6753 (Cell)
