Behalf Of Jari Arkko
Sent: Thursday, March 13, 2008 7:04 PM
To: Bernard Aboba
Subject: Re: IETF Last Call on Walled Garden Standard for the Internet
For what it is worth, this ex-EAP co-chair also thinks that
the use of EAP keys for applications is a very bad idea.
And I too am concerned about introducing walled gardens through this.
Having said that, I think there are legitimate uses of EMSK
in the area of network access, such as various fast handover
proposals in EAP. My understanding is that HOKEY is working
on this. So perhaps one potential direction for resolving
your issues is to provide a much stricter IANA section and an
Sure based on technical merits not FUD.
I realize that this does not prevent people from grabbing
values. But I note that I know of one case at least where
this has already happened, even without an IETF
specification. Arguably the situation with a (sufficiently
tight) spec might be better, because we can use the spec to
explain what usage is inappropriate.
I realize we have RFC
3748 already, but since use of EMSK has been an IETF topic
for 5+ years, I think it would be reasonable to state what
the final rules are on taking specific keys out of the EMSK.
Sure based on technical merits and not FUD.
IETF mailing list