| RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation | <– Date –> <– Thread –> |
From: Avi Lior (avi bridgewatersystems.com)
|
|
| Date: Wed, 9 Nov 2005 22:21:24 -0500 (EST) | |
Jari, Madjid Madjid wrote: > Still it would be nice if do not > add the limitation that prevents the AAA layer/ server to > later ask for another keys, to be exact, if we do not require > deletion of EMSK immediately after AMSK creation. I cannot > come of a specific example right now. > > Madjid We *must* have the ability to ask for another key or keys. Jari wrote: > I think we can easily arrange things so that the AAA layer > asks for AMSKs 1, 2, and 3, which fulfils security > requirements (EMSK is not > exposed) and does not require application knowledge from EAP > layer. Does this work for you? This is good news!!! So if we can have it so that we can also select keys anytime the EMSK is still alive, that would be very good news Avi
- RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation, (continued)
-
RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Vanderveen, Michaela, November 8 2005
- Re: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Yoshihiro Ohba, November 8 2005
- RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Nakhjiri Madjid-MNAKHJI1, November 9 2005
- RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Nakhjiri Madjid-MNAKHJI1, November 9 2005
- RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Avi Lior, November 9 2005
-
RE: Re: Eap keying review: use of MSK/ EMSK for AMSK creation Vanderveen, Michaela, November 8 2005
Results generated by Tiger Technologies using MHonArc.