RE: Re: m.getKey() and RFC 4137
From: Narayanan, Vidya (vidyanqualcomm.com)
Date: Fri, 17 Mar 2006 12:57:37 -0800 (PST)
> > 
> 
> Vidya said:
> 
> "Are you saying then that in accordance with 4137, the EMSK 
> will also be delivered to the AAA layer on the EAP server?"
> 
> That's how I read it, yes.  The keying material and 
> parameters are passed via the eapKeyData structure to the 
> lower layer (which would be the AAA layer on the EAP server 
> when in passthrough mode), via the m.getKey() function.  The 
> AAA layer then fills in the aaaEapKeyData structure and 
> passes this to the authenticator.  While both eapKeyData and 
> aaaEapKeyData are of type "EAP Key" there doesn't appear to 
> be a presumption that they are the same.  So the AAA layer 
> could receive the EMSK, but not pass it to the authenticator.
> 

I wonder if we are restricted in defining the behavior of the EMSK based
on a spec that did not consider EMSKs to begin with? It may be that we
would conclude it is okay to pass the EMSK to the AAA layer - but,
should we be constrained by 4137 though? 

Vidya
