eap Mailing List: Re: Issue: Use of a label in derivation of keys from the MSK

[Lakshminath Dondeti (ldondeti]

If we are to do this, we should summarize all the known uses of the MSK: 
 In some cases it is used for deriving traffic keys and in other cases, 
traffic keys along with other MSK-equivalent keys.  Some specifications 
achieve key separation by using different parts of the MSK for different 
purposes and use key labels for key separation thereafter.  Others use 
labels alone for key separation.  The MSK is also used as a substitute 
for LTCs in the IKEv2 context.

Given the complexity of the state of affairs, a simple statement along 
the lines of "use key labels for key separation" is not really accurate.

regards,
Lakshminath

On 11/20/2007 2:06 PM, Bernard_Aboba [at] hotmail.com wrote:
> > We haven't restricted the use of the MSK in IETF documentation thus far
> > and hence, several lower layers have used it in different ways. 
>
> I believe that all existing uses of the MSK utilize labels for
> key derivation.  Can you name a specific exception?  
> _________________________________________________________________
> To unsubscribe or modify your subscription options, please visit:
> http://lists.frascone.com/mailman/listinfo/eap
>
> Arhives: http://lists.frascone.com/pipermail/eap