Thanks for your response.
On Tue, Mar 25, 2008 at 10:04:00AM +0200,
Yoshihiro Ohba wrote:
I think Vidya has a good point.
My opinion is that, bootstrapping protocols from long-term
credentials used for network access authentication is not such a bad
idea, but we just do not know yet the best way to realize it:
Such bootstrapping or "single sign-on" protocol could (and IMHO
should) still be independent of the link it's run over (i.e., it
would work over any IP network).
I agree that a "single sign-on" protocol should work over any IP
BTW, 3GPP and 3GPP2 already have one such "single sign-on" protocol,
which uses the same long-term credential you'd usually use for network
access authentication to set up short-term "security associations" for
higher layer protocols (but it runs over any IP network, so it works
even if, e.g., your current access network did not require any
authentication). It's called "Generic Bootstrapping Architecture"
Yes, I know GBA. My understanding is that GBA is based on AKA, but
your comment below seems to indicate that GBA has extensibility, which
(GBA design also allows adding new types of credentials between the
client and the "key distribution center" (BSF) without impacting other
elements of the system. You could, e.g., add support for EAP here in a
way that would be independent of the link layer currently being used.
So far, 3GPP/3GPP2 have not needed this, but if GBA ends up being used
in other systems as well, it could be useful.)
This is quite interesting. On the other hand, I believe that
bootstrapping applications is not just key creation - an additional
ground work would be needed for secure key distribution to make GBA or
any other potential "single sign-on" approaches to be truly
(BTW, as you may know, HOKEY WG is now discussing removal of peer
consent property from DSRK (or rRK) distribution under the name of
optimization and simplicity, but from security perspective, it is just
a retrograde step against future direction, IMO.)
IETF mailing list