eap Mailing List: Re: Re: Rewrite of Section 2 of the EAP Key Management Framework

[Jari Arkko (jari.arkko]

Salowey, Joe wrote

> [Joe] I agree that the same key should not be used for two different
> purposes, however it should be possible for an implementation of a
> "lower layer" to use a key to derive keying material to be used within
> it's domain of applicability.  These derived keys may actually be used
> by different entities.  Here is a possible revision to clarify this:
>
> " In order to preserve separation of keying material and security
> considerations fort lower layers separate,
>   lower layers MUST NOT export keys passed down by EAP methods outside
> their domain of control.  This implies that EAP keying material or
> parameters passed down to a lower layer are for the exclusive use of
> that lower and MUST NOT be used within another lower layer for a
> different purpose."
>  
I'm not sure this is precise enough. What does "domain of
control mean"? That I can pass the key from WEP to something
else, as long as I own all devices? Hopefully not... And "lower
layer" is not precise either. Unfortunately, I'm not sure I
have better text to propose!

--Jari