Re: Use of EMSK?
From: Jari Arkko (jari.arkkopiuha.net)
Date: Thu, 6 Oct 2005 10:33:50 -0400 (EDT)

Hi Dave,

The history is that EMSK usage rules were incorporated
in the EAP Keying Framework draft, a WG item. However, since
we are having problems completing this work, we decided in IETF-62
to split the draft in two. The other part, extensions, now contains
the rules:

http://www.drizzle.com/~aboba/EAP/draft-aboba-eap-keying-extns-00.txt

Anyway, the use of EMSK should be possible, if you have provided
sufficient explanation of the specific use to convince that the
security is well thought out. In terms of dependencies, we think
that this requires the above document to complete. But if there's
demand, perhaps we could move the EMSK/AMSK "IANA" rules to
the keying framework (but we would not define your or anyone
else's usage for you; you'd have to do that by yourself).

--Jari

David Mitton wrote:


In reviewing the design of a session resumption feature or re-authentication, it seems tempting to use the EMSK as keying material, as it is often not exposed to the network.


I went looking to see if anyone else has done this, but only found RFC 3748 saying it's reserved for future definition. Back at IETF 58, we got a short presentation on draft-salowey-eap-key-deriv-02.txt by J. Salowey, P. Eronen. But I cannot figure out what became of this issue.


Dave.
