Re: Issue: Use of a label in derivation of keys from the MSK
From: Bernard_Aboba (Bernard_Aboba [at] hotmail.com)
Date: Tue, 20 Nov 2007 04:36:54 -0800 (PST)
802.11i, 802.11r, 802.1af all use labels. The lack of a label in the
PANA protocol has been flagged as an errata and will presumably be fixed in AUTH 48. So in effect, this practice has been around for a while, but was not written down.


I agree about the lower layer assumptions.

--------------------------------------------------
From: "Joseph Salowey (jsalowey)" <jsalowey [at] cisco.com>
Sent: Monday, November 19, 2007 5:14 PM
To: <Bernard_Aboba [at] hotmail.com>; "eap-WG" <eap [at] frascone.com>
Subject: Re: [eap] Issue: Use of a label in derivation of keys from the MSK

While I agree this is good practice, I think we have to be careful about
relying upon this to always be the case. Not all uses of the MSK may
currently use a label (I'm not sure if PANA does). Since this rule has
not been around for long, a particular lower layer should not assume that
using a key label will have any effect on guaranteeing uniqueness from
any keys it doesn't control the derivation of. It will help in
guaranteeing uniqueness in keys that it does control the derivation of.




-----Original Message-----
From: Bernard_Aboba [at] hotmail.com [mailto:Bernard_Aboba [at] hotmail.com]
Sent: Friday, November 16, 2007 6:48 AM
To: 'eap-WG'
Subject: [eap] Issue: Use of a label in derivation of keys from the MSK


To date, EAP lower layers utilizing the MSK have often utilized a label within the PRF used for deriving other keys in order to ensure uniqueness of key branches. This includes 802.11i, 802.11r, and now 802.1af. However, this "unwritten rule" has not been included in the EKMF document. This seems like a fairly important omission.

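The label practice discussed in this thread, as an added example that is not part of the original messages: two lower layers deriving keys from one MSK collide without a label, separate with distinct labels, and collide again when a derivation outside a layer's control reuses its label. The `derive` function, its HMAC-SHA256 counter-mode layout, the label strings, the context and the MSK value are all assumptions for illustration, not the PRF of 802.11i, 802.11r, 802.1af or PANA.

```python
import hashlib
import hmac

# Constructed sample values (not from any real EAP exchange).
MSK = bytes(range(64))            # 64-octet master session key
CTX = b"peer-id|server-id"        # hypothetical per-session context


def derive(msk: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """Assumed PRF: HMAC-SHA256 in counter mode over
    counter || label || 0x00 || context || output length in bits."""
    out = b""
    counter = 1
    while len(out) < length:
        block = (counter.to_bytes(4, "big") + label + b"\x00" +
                 context + (length * 8).to_bytes(4, "big"))
        out += hmac.new(msk, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def compare_branches(msk: bytes, context: bytes) -> dict:
    """Derive keys the way three hypothetical lower layers might."""
    # Layers A and B both omit the label: one shared key branch.
    a_plain = derive(msk, b"", context, 32)
    b_plain = derive(msk, b"", context, 32)
    # Layers A and B each use their own label: separate branches.
    a_key = derive(msk, b"example lower layer A", context, 32)
    b_key = derive(msk, b"example lower layer B", context, 32)
    # Layer C is outside A's control and happens to reuse A's label,
    # so A's label gives no separation from C.
    c_key = derive(msk, b"example lower layer A", context, 32)
    return {
        "unlabeled_collide": hmac.compare_digest(a_plain, b_plain),
        "labeled_distinct": not hmac.compare_digest(a_key, b_key),
        "reused_label_collides": hmac.compare_digest(a_key, c_key),
    }


if __name__ == "__main__":
    for name, value in compare_branches(MSK, CTX).items():
        print(f"{name}: {value}")
```

Separation holds only among derivations that follow the same labeling convention, which is why an unwritten rule is weaker than one recorded in the key management framework.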