eap Mailing List: RE: Re: Rewrite of Section 2 of the EAP Key Management Framework

[Bernard Aboba (Bernard_Aboba]

>I think in the current document it might be wise to document as little
>about AMSK/EMSK as possible unless we want to take on the full task.

I agree. 

>Making use of the EMSK will probably require some changes/extensions to
>what we have already defined.

RFC 3748 already defines the EMSK and specifies that it needs to be exported
by the EAP method. 

>In the document we should not show the propagation of the EMSK and have
>a statement like the following (I'm not sure where it goes yet):

While I agree that we should not be adding material relating to the EMSK, we
do have to be consistent with RFC 3748, which states that the EMSK is
exported by EAP methods.  This means that the EAP peer/authenticator layer
(and presumably the EAP layer) will receive the EMSK.  

My current proposal is to state that the EMSK is passed down to the EAP
peer/authenticator layer and EAP layer, but is never passed down to the
lower layer, although keys calculated from the EMSK can be passed down to
the lower layer if requested by the lower layer, as long as the EMSK itself
is not exposed. 

>"Instead of using the EMSK directly keys should be derived for application
>specific usage.  This usage and specification is beyond the scope of the
>current document."

I think that some language specifying that the lower layer never receives
the EMSK, or quantities from which the EMSK can be derived should do the
job.