| RE: Strawman -10/EMSK deletion requirement? | <– Date –> <– Thread –> |
From: Avi Lior (avi bridgewatersystems.com)
|
|
| Date: Thu, 9 Mar 2006 11:38:19 -0800 (PST) | |
Glen and Jari, That is what I thought the 'M' was about as well. > -----Original Message----- > From: Glen Zorn (gwz) [mailto:gwz [at] cisco.com] > Sent: Thursday, March 09, 2006 1:19 PM > To: Jari Arkko > Cc: eap [at] frascone.com > Subject: RE: [eap] Strawman -10/EMSK deletion requirement? > > Jari Arkko <mailto:jari.arkko [at] piuha.net> supposedly scribbled: > > > Glen Zorn (gwz) wrote: > > > >> > >>>> > >>>> > >>> The problem is that since EMSK is the root, its > compromise will lead > >>> to the compromise of all derived keys. This also holds > locally for > >>> the AMSK_root_0 approach. That is, if AMSK_root_0 is compromised > >>> then any keys derived from that root are compromised (but > not keys > >>> in other apps). > >>> > >>> > >> > >> I guess I'm just confused, then (not a first!). I thought > that the > >> major problem was that it is basically impossible to no which (if > >> any) _applications_ a person would choose to use during a session. > >> If that is accurate, I can't really see how the > AMSK_root_0 approach > >> solves the problem. If that's not the problem, what is? > >> > >> > > Oh. Maybe I was confused. AMSK_root_0 does not solve that > problem. It > > solves the problem that if your application requires > multiple keys (as > > in fast handoff to AP2, AP3, etc) then you still only need one AMSK > > from the EMSK for the application. That AMSK_root_0 can > then be used > > to generate all the keys that the application in question needs. > > OK, I guess I just assumed that the "M" in "AMSK" implied that usage. > > > > > --Jari > > Hope this helps, > > ~gwz > > Why is it that most of the world's problems can't be solved by simply > listening to John Coltrane? -- Henry Gabriel > _________________________________________________________________ > To unsubscribe or modify your subscription options, please visit: > http://lists.frascone.com/mailman/listinfo/eap > > Arhives: http://lists.frascone.com/pipermail/eap >
- RE: Strawman -10/EMSK deletion requirement?, (continued)
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
-
RE: Strawman -10/EMSK deletion requirement? Glen Zorn (gwz), March 9 2006
- Re: Strawman -10/EMSK deletion requirement? Jari Arkko, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Glen Zorn (gwz), March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Narayanan, Vidya, March 9 2006
- RE: Strawman -10/EMSK deletion requirement? Avi Lior, March 9 2006
-
RE: Strawman -10/EMSK deletion requirement? Salowey, Joe, March 9 2006
- Re: Strawman -10/EMSK deletion requirement? Jari Arkko, March 9 2006
Results generated by Tiger Technologies using MHonArc.