RE: Issue: Use of term lower layer
From: Salowey, Joe (jsaloweycisco.com)
Date: Wed, 14 Dec 2005 11:58:24 -0800 (PST)
 
> 
> "In order to preserve the security of keys derived within EAP 
> methods, EAP keying material or parameters passed down to a 
> lower layer are for the exclusive use of that lower layer. 
> This prevents compromise of one lower layer from compromising 
> other applications using EAP keying parameters.
> 
> EAP keying material and parameters provided to a lower layer 
> MUST NOT be transported to another entity. The same applies 
> to other keying material derived from the EAP keying 
> material, if the EAP keying material can be computed from the 
> other material without breaking some cryptographic 
> assumption, such as inverting a one-way function. For 
> example, MSK passed down to the EAP peer lower layer or 
> transported to the authenticator MUST NOT leave the peer. "
> 
[Joe] OK, but do we need to restrict parameters?  It seems that there
are some parameters that may be used in a security association
negotiation between peer and authentication.

> --Jari
> 
