eap Mailing List: RE: Strawman -10/EMSK deletion requirement?

[Narayanan, Vidya (vidyan]

Avi,

> See inline... 
> 
> > -----Original Message-----
> > From: Narayanan, Vidya [mailto:vidyan [at] qualcomm.com]
> > Sent: Friday, March 10, 2006 12:23 PM
> > To: Avi Lior; Jari Arkko
> > Cc: Salowey, Joe; eap [at] frascone.com
> > Subject: RE: [eap] Strawman -10/EMSK deletion requirement?
> > 
> > 
> > <snip>
> > 
> > > > The role of the
> > > > EAP keying framework is to leave some key material in the
> > > EAP server
> > > > to enable such functionality, but if we are going to use
> > > it, we will
> > > > need, among other things, protocol descriptions on how 
> RADIUS can 
> > > > retrieve pieces of this key information and how particular 
> > > > applications employ these keys.
> > > 
> > > If RADIUS is colocated with EAP-server do we need to define
> > a protocol
> > > for getting the AMSK(s)?
> > >  
> > 
> > I would imagine that each application will define some RADIUS 
> > attributes or Diameter AVPs to retrive the AMSK using the AAA 
> > protocol. No?
> 
> Yes. To get the AMSK or derivative keys from the AAA server. 
> But not between the AAA server and the EAP-Authentication Server.
> 
> Note, if I can remember correctly someone wanted to specify a 
> protocol to get the AMSK from the EMSK.
> 

How often do we have an EAP server not co-located with the AAA server?
When they are co-located, a protocol isn't really required. When they
are not, I can see a need - but, from a practical use case perspective,
I feel that such a protocol would find very limited use. 

Vidya