Hi Vidya,
I think this is an excellent start. I'll put some applicability and
security considerations text together for the document for discussion on
the list.
Cheers,
Joe
-----Original Message-----
From: hokey-bounces(_at_)ietf(_dot_)org
[mailto:hokey-bounces(_at_)ietf(_dot_)org]
On Behalf Of Narayanan, Vidya
Sent: Monday, March 24, 2008 11:27 AM
To: Charles Clancy
Cc: ietf(_at_)ietf(_dot_)org; hokey(_at_)ietf(_dot_)org; Bernard Aboba
Subject: Re: [HOKEY] EMSK Issue
Charles,
-----Original Message-----
From: Charles Clancy [mailto:clancy(_at_)cs(_dot_)umd(_dot_)edu]
Sent: Sunday, March 23, 2008 7:18 PM
To: Narayanan, Vidya
Cc: Glen Zorn; ietf(_at_)ietf(_dot_)org; hokey(_at_)ietf(_dot_)org; Bernard
Aboba
Subject: Re: [HOKEY] EMSK Issue
Vidya,
> ... do the responsible thing, which would be to clearly
define the
applicability, along with providing an interoperable means of
defining > the key hierarchy for those usages that want to/can use
it.
This is all I'm suggesting we do. I think we should add
text to the
document that gives guidance on the types of usages for
which a USRK
would be appropriate. Usages should be for functions
related to the
access network to which you are connecting, and for
functions where it
is reasonable for your access network to have an interest in
authorization.
How about the following text for applicability:
"It must be noted that any application of EAP keying material
to other usages such as handoffs, IP mobility or other
applications is only feasible when those services are
provided either by or through the provider handling network
access. It is also only feasible when those usages only
occur over EAP-capable interfaces. Hence, deriving USRKs or
DSUSRKs for usages other than those facilitated by the
network access provider is NOT RECOMMENDED."
Thanks,
Vidya
_______________________________________________
HOKEY mailing list
HOKEY(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/hokey
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf