eap Mailing List: Re: Strawman -10/EMSK deletion requirement?

[Jari Arkko (jari.arkko]

>
>
>>>Further, an EMSK MUST NOT be used to generate more than one 
>>>AMSK for a given application. 
>>>      
>>>
>>I am not sure that the above does not pose a threat.  
>>Normally we would
>>think that one Application would require one AMSK.  But since 
>>we are not
>>defining what an application is -- and we shouldn't IMO enter that rat
>>hole.  Then what if there was some application that requires an two
>>AMSKs.?  Is there harm?
>>    
>>

This related originally to the EMSK deletion requirement. There
was an argument that the EMSK need to stay around so that
application X can keep on asking the 127th key that it needs.

Now that we seem to be saying that there is no strict EMSK
deletion requirement, this may be less urgent.

However, I still think it is a good idea that applications get
just one AMSK, and if they need multiple keys they generate
those themselves.  And the definition of an application can
be "an IANA registered label for an AMSK needed for a
specific purpose". Since the IANA registrations won't have
"handoff 1st key", "handoff 2nd key" etc but rather "handoff key",
then we satisfy this model. But this is still mostly to keep
the hierarchy structurally clean and simple, not for any
specific technical reason. (Other than that it still allows
early deletion of the EMSK better than if we would base
all keys on the EMSK.)

--Jari