Vidya:
I agree, the document is really addressing AAA/EAP key management.
Why would the scope be limited to EAP? It seems to me that
most, if not
all, of the requirements would be applicable to just about any
AAA-based key management protocol. Would it not be useful to
generalize it?
You are right. It is about AAA key management protocols,
which includes various features of EAP, RADIUS, Diameter, and
secure association protocols.
Hmmm, I was thinking that the scope could be broader than that. There
are key management protocols that try to re-use the AAA framework, some
just for transport and others for more than that. Many of these may
start with a PSK and define derivation of keys needed for the specific
application, but then use AAA for transport of the exchange and
generated keys.
Is there a reason why this document would not be applicable to such
scenarios?
Vidya
Is the document introduction clear about the scope?
Russ
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf