eap Mailing List

View Index by: Date - Thread - Author
RE: Use of EMSK?
From: Salowey, Joe (jsaloweycisco.com)
Date: Fri, 7 Oct 2005 00:02:01 -0400 (EDT) 
Jari Arkko wrote:
> Hi Dave,
> 
> The history is that EMSK usage rules were incorporated in the
> EAP Keying Framework draft, a WG item. However, since we are
> having problems completing this work, decided in IETF-62 to
> split the draft in two. The other part, extensions, now contains the
> rules: 
> 
> http://www.drizzle.com/~aboba/EAP/draft-aboba-eap-keying-extns-00.txt
> 
> Anyway, the use EMSK should be possible, if you have provided
> sufficient explanation of the specific use to convince that
> the security is well thought out. In terms of dependencies,
> we think that this requires the above document to complete.
> But if there's demand, perhaps we could move the EMSK/AMSK
> "IANA" rules to the keying framework (but we would not define
> your or anyone else's usage for you; you'd have to do that by
> yourself). 
> 

[Joe] I'd like to see this work move forward.  The key derivation and
IANA rules look pretty close to the document that Pasi and I originally
worked on.  We should go through and check to make sure that there are
no omissions, I think the IANA allocation policy is different than what
we had originally proposed.   Maybe we should revitalize the EMSK draft
again? 

> --Jari
> 
> David Mitton wrote:
> 
>> 
>> In reviewing the design of a session resumption feature or
>> re-authentication, it seems tempting to use the EMSK as keying
>> material, as it often not exposed to the network.
>> 
>> I went looking to see if anyone else has done this, but only found
>> RFC 3748 saying it's reserved for future definition. Back at IETF
>> 58, we got a short presentation on draft-salowey-eap-key-deriv-02.txt
>> by J. Salowey, P. Eronen. But I cannot figure out what became of
>> this issue. 
>> 
>> Dave.
>> 
>> _______________________________________________
>> eap mailing list
>> eap [at] frascone.com
>> http://mail.frascone.com/mailman/listinfo/eap
>> 
>> 
> 
> _______________________________________________
> eap mailing list
> eap [at] frascone.com
> http://mail.frascone.com/mailman/listinfo/eap

Results generated by Tiger Technologies using MHonArc.