Re: Comments on draft-ietf-eap-keying-08b.txt
From: Jari Arkko (jari.arkkopiuha.net)
Date: Tue, 13 Dec 2005 06:56:51 -0800 (PST)
Hi Thomas,

Thank you for the comments. I mostly agree with them,
some notes inline:

> Three brief comments to http://www.drizzle.com/~aboba/EAP/draft-ietf-eap-keying-08b.txt.
>
> 1) Some "independences" are capitalized, others not, e.g.
> 1.4.2 ... media independence
> 1.4.3 ... Media Independence ...
>
> 2) It seems there is an inconsistency regarding what an EAP method exports.
> Figure 1 shows that an EAP method exports MSK, EMSK, IV, Peer-ID, Server-ID,
> Method-ID, Key-Lifetime.
>
> Section 2.2 now says "In completion of EAP authentication, EAP methods on the peer and EAP
> server export the Master Session Key (MSK), Extended Master Session
> Key (EMSK), Initialization Vector (IV), Peer-ID, Server-ID, Session-ID and
> Key-Lifetime."
>
> I think 2.2 must be "Method-ID".
>
> 3) Section 3.6 says, "it is RECOMMENDED that EAP methods utilizing public key cryptography choose a
> public key that has a cryptographic strength meeting the symmetric key strength"
>
> I'm not sure why you say "recommended" here? What else could one do?


It's just an explanatory note that the claimed strength should
match the PK strength. I would not change anything here.

> RFC 3748 says: "EAP methods supporting key derivation SHOULD be capable of generating an
> MSK and EMSK, each with an effective key strength of at least 128 bits."
>
> This implies that the effective key strength of public key cryptography must
> be (roughly) equivalent to that of symmetric key cryptography.
>
> In this context, the following statement of RFC 4017 appears wrong (at least to me).
> RFC 3748 says neither that an EAP method MUST derive an MSK and EMSK, nor that the
> effective key strength MUST be 128 bits.
>
> "Key strength. An EAP method suitable for use with IEEE 802.11
> MUST be capable of generating keying material with 128-bits of
> effective key strength, as defined in [RFC3748], Section 7.2.1."


RFC 4017 has a stronger requirement. I would have added
"at least" to the text of 4017 but it's probably understandable
anyway...

--Jari
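A small check of the key-strength point discussed above, added here as an example and not part of the thread or the draft: it treats the effective strength of the exported MSK/EMSK as the weaker of the method's claimed symmetric strength and the comparable strength of the public key used to establish them, using the NIST SP 800-57 Part 1 equivalence table (which the thread does not cite); the method descriptions are constructed.

```python
"""Weakest-link check for exported EAP keying material (constructed example).

Per the thread: RFC 3748 Section 7.2.1 says MSK/EMSK SHOULD have at least 128 bits of
effective strength, RFC 4017 makes that a MUST for IEEE 802.11, and draft Section 3.6
says the public key used by the method should match the symmetric key strength.
The comparable-strength table is NIST SP 800-57 Part 1 (not cited in the thread).
"""
from dataclasses import dataclass

REQUIRED_STRENGTH = 128  # RFC 3748 SHOULD / RFC 4017 MUST threshold, in bits

# (minimum key size in bits, comparable symmetric strength in bits), NIST SP 800-57.
_IFC_FFC_STRENGTH = [(15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80)]
_ECC_STRENGTH = [(512, 256), (384, 192), (256, 128), (224, 112), (160, 80)]


def public_key_strength(algorithm: str, key_bits: int) -> int:
    """Comparable symmetric strength of a public key, or 0 if below every listed row."""
    table = _ECC_STRENGTH if algorithm.upper().startswith("EC") else _IFC_FFC_STRENGTH
    return next((s for min_bits, s in table if key_bits >= min_bits), 0)


@dataclass
class MethodKeying:
    """Constructed description of what an EAP method claims for its exported keys."""
    name: str
    claimed_strength: int  # symmetric strength the method claims for MSK/EMSK, in bits
    pk_algorithm: str      # public-key algorithm authenticating the key establishment
    pk_bits: int           # its key size in bits


def effective_strength(m: MethodKeying) -> int:
    """The exported keys are no stronger than the public key protecting their derivation."""
    return min(m.claimed_strength, public_key_strength(m.pk_algorithm, m.pk_bits))


def check_method(m: MethodKeying) -> dict:
    pk = public_key_strength(m.pk_algorithm, m.pk_bits)
    eff = effective_strength(m)
    return {
        "effective_strength": eff,
        "pk_matches_symmetric": pk >= m.claimed_strength,  # draft Section 3.6 RECOMMENDED
        "meets_128_bit": eff >= REQUIRED_STRENGTH,         # RFC 3748 SHOULD / RFC 4017 MUST
    }


if __name__ == "__main__":
    for m in (MethodKeying("tls-rsa-2048", 128, "RSA", 2048),
              MethodKeying("tls-rsa-3072", 128, "RSA", 3072),
              MethodKeying("tls-ecdhe-p256", 128, "ECDHE", 256)):
        print(m.name, check_method(m))
```

A 2048-bit RSA key caps a method claiming 128-bit keys at 112 bits of effective strength, which is exactly the gap Section 3.6's recommendation is meant to close.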

