Alper:
> >And how would we apply this to EAP? There is no authenticator ID known to
> >EAP peer, yet they share an MSK.
>
> I believe that this is being addressed in draft-ietf-eap-keying.
Can you please provide a pointer?
It has peer-id and server-ids defined. But even that has issues, as these
are EAP-method exports, and not always available.
I'll let Bernard handle this part of your message. I'm responding to
the next part.
> > o The expected lifetime of the keying material.
> >
> >Does it make sense to mention something like "Lifetime of a child key
> MUST
> >NOT be greater than the lifetime of its parent in the key hierarchy."?
>
> This is a very good principle, but I think SHOULD NOT is more appropriate.
I'm wondering why we open the door for children keys living longer than the
parent key.
> > For this reason, EAP methods SHOULD
> > provide a mechanism for identity protection of EAP peers, but
> > such protection is not a requirement.
> >
> >
> >"SHOULD" and "not a requirement" seem to clash. We should either make it
> a
> >"MAY", or remove the ",but ...".
>
> All methods do not have to have a mechanism for identity protection,
> but we encourage them to have one.
I understand. What is the affect of "SHOULD but not a requirement"? Is this
like a "SHOULD-"? I mean, what do we lose if we drop the "but such a
protection is not a requirement"?
The next version of the document will say:
In many environments it is important to provide confidentiality protection
for identities. However, this is not important in other environments. For
this reason, EAP methods are encouraged to provide a mechanism for identity
protection of EAP peers, but such protection is not a requirement.
I hope this resolves your concern with the RFC 2119 terms.
Russ
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf