Re: Fix references to group key management protocol in EAP Key management framework I-D
From: Lakshminath Dondeti (ldondeti [at] qualcomm.com)
Date: Thu, 6 Apr 2006 11:19:56 -0700 (PDT)
Hmm, I may be misunderstanding, but let me ask you this: Phase 2b is for group SA establishment, right? The SA establishment protocol (e.g., the 4-way or the 2-way exchanges in 11i for GTKSA establishment) doesn't have to support EAP.

I can answer your question on whether MSEC GSA establishment protocols do or intend to support EAP, but I wonder whether it's relevant in this context. As I noted, I may have a misunderstanding of Phase 2b, and if so please feel free to correct me.

thanks Jari,
Lakshminath

At 10:52 AM 4/6/2006, Jari Arkko wrote:
I agree with your complaint about the current text. But
I have a question for you: do any of the protocols
that you list in the proposed text work with EAP-based
authentication? If yes, then those can be listed. Otherwise
it might be more appropriate to say "... while the establishment
of multicast security associations (phase 2b) is not
supported for EAP-based authentication", or words
to that effect.

--Jari

Lakshminath Dondeti wrote:

> Description of issue: EAP Key management framework I-D currently says
> in Page 14
>
> "
> IKEv2, defined in [RFC4306], handles the derivation of unicast
>      security associations (phase 2a), while the derivation of multicast
>      security associations (phase 2b) is handled in a separate group key
>      management protocol, as described in [RFC4046]. "
>
> The problem is 4046 describes MSEC's group key management framework
> and not a particular key management protocol.  MSEC has specified
> three key management protocols for group key establishment and they
> are GDOI, GSAKMP and MIKEY and is working on a third GKDP (this one is
> *similar* to IKEv2).
>
> I'd also suggest using the phrase "establishment of multicast SAs"
> instead of "derivation ..."
>
> Submitter name: Lakshminath Dondeti
> Submitter email address: ldondeti [at] qualcomm.com
> Date first submitted: April 3, 2006
> Reference: <>
> Document: Document Requiring change [Keying Framework]
> Comment type: ['E']
> Priority: ['S' Must fix]
> Section: 2.1
> Rationale/Explanation of issue:  See above.
> Length description of problem
>
> Requested change:
>
> "while the establishment of multicast security associations (phase 2b)
> may be handled by a group key management protocol such as GDOI
> [RFC3547], GSAKMP [RFC-to-be-GSAKMP], MIKEY [RFC3830], or GKDP
> [GKDP-work-in-progress]."
>
>
> +++++++++
>
> regards,
> Lakshminath

