| Re: Issue 392: Authorization Issues | <– Date –> <– Thread –> |
From: Lakshminath Dondeti (ldondeti qualcomm.com)
|
|
| Date: Sun, 11 Feb 2007 10:54:12 -0800 (PST) | |
I was catching on this discussion and it occurred to me that we can
generalize the following text a bit further:
Bernard Aboba wrote:
Does this mean we are ok with a key management system where compromise of two or more authenticators leads to the compromise of keys help by other authenticators? I think not.
We could reword to say "compromise of one or more authenticators MUST NOT compromise keying material held by the rest of the authenticators within the system" or something like that.
Bernard Aboba wrote:
Here is some revised text:
5.1. Peer and Authenticator Compromise
Likewise, compromise of a
single authenticator MUST NOT compromise keying material held by any
other authenticator within the system.
Does this mean we are ok with a key management system where compromise of two or more authenticators leads to the compromise of keys help by other authenticators? I think not.
We could reword to say "compromise of one or more authenticators MUST NOT compromise keying material held by the rest of the authenticators within the system" or something like that.
thanks Bernard, Lakshminath
- Re: Issue 392: Authorization Issues, (continued)
- Re: Issue 392: Authorization Issues M. Vanderveen, February 6 2007
- Re: Issue 392: Authorization Issues Bernard Aboba, February 6 2007
-
Re: Issue 392: Authorization Issues M. Vanderveen, February 6 2007
-
Re: Issue 392: Authorization Issues Bernard Aboba, February 7 2007
- Re: Issue 392: Authorization Issues Lakshminath Dondeti, February 11 2007
-
Re: Issue 392: Authorization Issues Bernard Aboba, February 7 2007
- Re: Issue 392: Authorization Issues M. Vanderveen, February 7 2007
Results generated by Tiger Technologies using MHonArc.