RE: EMSK Transport Text

From: Nakhjiri Madjid-MNAKHJI1 (Madjid.Nakhjiri
Date: Thu, 6 Apr 2006 14:57:17 -0700 (PDT)

While I have no issue with the first paragraph, I don't understand the composition of the subparagraph. Sure, it is understandable to prohibit EMSK distribution to third parties, but why are we prohibiting its use within the parties who derived it? Don't we think saying EMSK is for future use and then saying EMSK is not to be used for this or that is a bit contradictory? Either its future use is undefined and is to be defined by other docs, or we have some idea about its future use. Why are we going to lengths prohibiting the most probable use case of the EMSK while leaving the rest of the use cases open?

-----Original Message-----
From: Narayanan, Vidya [mailto:vidyan [at] qualcomm.com]
Sent: Thursday, April 06, 2006 3:09 AM
To: eap [at] frascone.com
Subject: [eap] EMSK Transport Text

Section 2 in draft-ietf-eap-keying-11 says:

" The EMSK MUST NOT be provided to an entity outside the EAP server or peer, nor is it permitted to pass any quantity to an entity outside the EAP server or peer from which the EMSK could be computed without breaking some cryptographic assumption, such as inverting a one-way function. The EMSK MUST NOT be transported by the AAA layer.

As noted in [RFC3748] Section 7.10:

The EMSK is reserved for future use and MUST remain on the EAP peer and EAP server where it is derived; it MUST NOT be transported to, or shared with, additional parties, or used to derive any other keys."