ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Last Call: 'Guidance for AAA Key management' to BCP (draft-housley-aaa-key-mgmt)

2006-11-15 20:37:55
from [Russ Housley] [Permanent Link] 
Joe:


> 5. Unique Key Names
>
> This section states "the key name MUST NOT be based on the
> keying material itself." 802.11i uses this technique; are
> there vulnerabilities associated with this?


Does this proposed text resolve your concern?

AAA key management proposals require a robust key naming scheme,
particularly where key caching is supported.  The key name provides a
way to refer to a key in a protocol so that it is clear to all parties
which key is being referenced.  Objects that cannot be named cannot be
managed.  All keys MUST be uniquely named, and the key name MUST NOT
directly or indirectly disclose the keying material.  If the key name
is not based on the keying material, then one can be sure that it cannot
be used to assist in a search for the key value.
Russ 

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WG Review: Recharter of Internet Emergency Preparedness (ieprep), Sam Hartman
Next by Date:  review of draft-cam-winget-eap-fast-05.txt, Bernard Aboba
Previous by Thread:  RE: Last Call: 'Guidance for AAA Key management' to BCP (draft-housley-aaa-key-mgmt), Joseph Salowey \(jsalowey\)
Next by Thread:  RE: Last Call: 'Guidance for AAA Key management' to BCP (draft-housley-aaa-key-mgmt), Joseph Salowey \(jsalowey\)
Indexes:  [Date] [Thread] [Top] [All Lists]