eap Mailing List: RE: WGLC for eap-keying: EAP server-AAA server

[Nakhjiri Madjid-MNAKHJI1 (Madjid.Nakhjiri]

-----Original Message-----
From: eap-admin [at] frascone.com [mailto:eap-admin [at] frascone.com] On Behalf
Of Bernard Aboba
Sent: Tuesday, November 01, 2005 1:21 PM
To: david [at] mitton.com; eap [at] frascone.com
Subject: RE: [eap] WGLC for eap-keying: EAP server-AAA server

>1) EIK | PMK =truncate (MSK, 320)
>2) PMK2= truncate (MSK, 160)

Both of these definitions imply that the PMK is a truncated version of
the 
MSK.   Perhaps we can just point that out, and reference 802.11 and
802.16e. 
   There really is not much need to say anything more than that.

Madjid>> My point exactly, except even that is may be too much. What if
it was not a truncation? PMK creation, is really a lower layer issue.

>[Joe] The choice of AAA-Key term in the EAP RFC was unfortunate, it 
>think it would have been better if we stuck just with the MSK.

Yes.  The term "AAA-Key" has been the source of much confusion.   It
took 
quite a while, but at this point, the term is only used once in the EAP
Keying Framework (in the terminology seciton).

Madjid>> Ok, if you say so. But it is still heavily used in 3748 and in
extension drafts 

"AAA-Key-B = prf(AMSK(0,63),"EAP AAA-Key derivation for
                  multiple attachments", AAA-Key, B-Called-Station-Id,
                  Calling-Station-Id,length)"


>Existing lower layers already use the MSK directly so I don't think 
>defining AMSKs derived from this quantity is appropriate in this 
>document.

Right.


_______________________________________________
eap mailing list
eap [at] frascone.com
http://mail.frascone.com/mailman/listinfo/eap