Re: EAP WG agenda (updated)
From: Jari Arkko (jari.arkkopiuha.net)
Date: Mon, 7 Nov 2005 10:14:44 -0500 (EST)
Mayumi Yanagiya wrote:

Hi,

I can’t attend this meeting. Could I ask a question about “Keying Extensions” on this list?

In that draft, it is specified that only EAP entities can use EAP keys for authentication. But I think that it will be useful to extend the EAP key framework to non-EAP entities such as HA which may use a non-EAP authentication method.

Are there any problems if we apply the EAP key framework to non-EAP entities?


It's hard to give an answer without talking about the specific keys
in question. I hope the draft is clear that long-term secrets, MKs,
TEKs, MSKs, EMSKs are indeed only for specific EAP entities.
Having said that, I see no reason to prohibit the use of AMSKs
or even TSKs in a wider context, e.g., the delivery of keys delivered
from AMSKs for some fast-handoff entity that did not do EAP.
Of course, such usage would have to be well designed to
avoid problems and make sense from other points of view,
but there should not be any fundamental reason to prevent
this in the EAP keying framework.

One current issue that is preventing this in practice, however,
is that -08 does not define the AMSKs. My suggestion would be
to define it, which would allow usage of AMSKs (with the good
design) without the need for EAP WG to respin the keying
framework document or add new extensions.

--Jari


