Subject: Re: Proposed Resolution to Issue 362: Lower layer parameters and EMSK text
From: Narayanan, Vidya (vidyan
Date: Mon, 26 Jun 2006 10:21:40 -0700 (PDT)

> Vidya said:
>
> "> As noted in [RFC3748] Section 7.10:
> >
> >    The EMSK is reserved for future use and MUST remain on the EAP
> >    peer and EAP server where it is derived; it MUST NOT be
> >    transported to, or shared with, additional parties, or used to
> >    derive any other keys."
>
> Are we sticking to this rule that the EMSK MUST NOT be used
> to derive any other keys? Given that there is agreement in
> general about potential derivation of keys from the EMSK,
> what implications does this text have to future documents
> specifying derived keys from the EMSK?"
>
> [BA] Since this is a quotation from [RFC3748] rather than
> anything created in this document, we can delete the quote.
> Don't think it adds much anyway.
>

Ok.

> [Vidya]
>
> >On the EAP server, keying material and parameters requested by and
> >passed down to the AAA layer may be replicated to the AAA layer on the
> >authenticator.
>
> I understand what the above is trying to say - however, this
> does conflict with the fact that the EMSK MUST NOT be
> transported to the authenticator (even though it may be
> passed down to the AAA layer on the server). I wonder if some
> clarification is necessary to avoid confusion.
>
> [BA] How about this?
>
> "On the EAP server, keying material and parameters requested
> by and passed down to the AAA layer may be replicated to the
> AAA layer on the authenticator (with the exception of the EMSK)."
>

Sounds good to me.

Vidya