Issue 346: Reference Cleanup

From: Bernard Aboba (bernard_aboba
Date: Mon, 3 Apr 2006 10:51:57 -0700 (PDT)

Issue 346: Reference Cleanup
Submitter name: Bernard Aboba
Submitter email address: aboba [at] internaut.com
Date Submitted: April 3, 2006
Reference:
Document: Keying-10
Comment type: E
Priority: S
Section: Various
Rationale/Explanation of issue:
There are references included in Section 7.1 and 7.2 that are not referenced anywhere in the text.
The proposed resolution is as follows:
Delete [RFC2434] as a Normative reference.
Correct the reference to [I-D.ohba-eap-aaakey-binding] (typo).
Add references in the text to [RFC2409], [RFC2607], [8021XHandoff], [IEEE-02-758], [IEEE-03-084].
Add a non-normative reference to [I-D.irtf-aaaarch-handoff].
Change the text of Section 4 to:
4. Handoff Vulnerabilities
With EAP, several mechanisms are available to reduce the latency in handoff between authenticators:
[1] EAP pre-authentication. This utilizes EAP to pre-establish EAP
keying material on an authenticator prior to arrival of the peer.
Use of pre-authentication within IEEE 802.11 is described in
[8021XHandoff] and [IEEE-802.11i].

[2] Key caching. This mechanism enables an EAP peer to re-attach to an
authenticator without requiring EAP re-authentication.

[3] Context transfer, such as is defined in [IEEE-802.11F] (now
deprecated) and [RFC4067]. Use of context transfer for handoff
latency improvement is described in [IEEE-02-758].

[4] Proactive key distribution, such as is described in [IEEE-02-758]
and [I-D.irtf-aaaarch-handoff].

The sections that follow discuss the security vulnerabilities introduced by the above mechanisms.
Delete the following references from Section 7.2 (Informative References):
[DESMODES] National Institute of Standards and Technology, "DES Modes
of Operation", FIPS PUB 81, December 1980,
<http://www.itl.nist.gov/fipspubs/fip81.htm>.

[FIPSDES] National Institute of Standards and Technology, "Data
Encryption Standard", FIPS PUB 46, January 1977.

[IEEE-03-155] Aboba, B., "Fast Handoff Issues", IEEE 802.11 Working
Group, IEEE-03-155r0-I,
http://www.ieee802.org/11/Documents/DocumentHolder/3-155.zip, March 2003.

[I-D.ietf-roamops-cert] Aboba, B., "Certificate-Based Roaming",
draft-ietf-roamops-cert-02 (work in progress), April 1999.

[RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
September 1981.

[RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-Hashing
for Message Authentication", RFC 2104, February 1997.

[RFC2246] Dierks, T., Allen, C., Treese, W., Karlton, P., Freier, A.
and P. Kocher, "The TLS Protocol Version 1.0", RFC 2246,
January 1999.

[RFC2401] Kent, S. and R. Atkinson, "Security Architecture for the
Internet Protocol", RFC 2401, November 1998.

[RFC2419] Sklower, K. and G. Meyer, "The PPP DES Encryption Protocol,
Version 2 (DESE-bis)", RFC 2419, September 1998.

[RFC2420] Kummert, H., "The PPP Triple-DES Encryption Protocol (3DESE)",
RFC 2420, September 1998.

[RFC3078] Pall, G. and G. Zorn, "Microsoft Point-To-Point Encryption
(MPPE) Protocol", RFC 3078, March 2001.

[RFC3079] Zorn, G., "Deriving Keys for use with Microsoft Point-to-Point
Encryption (MPPE)", RFC 3079, March 2001.

[RFC4005] Calhoun, P., Zorn, G., Spence, D. and D. Mitton, "Diameter
Network Access Server Application", RFC 4005, August 2005.