List Info

Thread: Strawman -10/EMSK deletion requirement?
Strawman -10/EMSK deletion requirement?
user name
 2006-03-09 19:40:44 
Glen and Jari,

That is what I thought the 'M' was about as well. 

> -----Original Message-----
> From: Glen Zorn (gwz) [mailto:gwzcisco.com] 
> Sent: Thursday, March 09, 2006 1:19 PM
> To: Jari Arkko
> Cc: eapfrascone.com
> Subject: RE: [eap] Strawman -10/EMSK deletion
requirement?
> 
> Jari Arkko <mailto:jari.arkkopiuha.net> supposedly
scribbled:
> 
> > Glen Zorn (gwz) wrote:
> > 
> >> 
> >>>> 
> >>>> 
> >>> The problem is that since EMSK is the
root, its 
> compromise will lead 
> >>> to the compromise of all derived keys.
This also holds 
> locally for 
> >>> the AMSK_root_0 approach. That is, if
AMSK_root_0 is compromised 
> >>> then any keys derived from that root are
compromised (but 
> not keys 
> >>> in other apps).
> >>> 
> >>> 
> >> 
> >> I guess I'm just confused, then (not a
first!).  I thought 
> that the 
> >> major problem was that it is basically
impossible to no which (if
> >> any) _applications_ a person would choose to
use during a session. 
> >> If that is accurate, I can't really see how
the 
> AMSK_root_0 approach
> >> solves the problem.  If that's not the
problem, what is?    
> >> 
> >> 
> > Oh. Maybe I was confused. AMSK_root_0 does not
solve that 
> problem. It 
> > solves the problem that if your application
requires 
> multiple keys (as 
> > in fast handoff to AP2, AP3, etc) then you still
only need one AMSK 
> > from the EMSK for the application. That
AMSK_root_0 can 
> then be used 
> > to generate all the keys that the application in
question needs.
> 
> OK, I guess I just assumed that the "M" in
"AMSK" implied that usage.
> 
> > 
> > --Jari
> 
> Hope this helps,
> 
> ~gwz
> 
> Why is it that most of the world's problems can't be
solved by simply
>   listening to John Coltrane? -- Henry Gabriel 
>
____________________________________________________________
_____
> To unsubscribe or modify your subscription options,
please visit:
> http:/
/lists.frascone.com/mailman/listinfo/eap
> 
> Arhives: http://lists.
frascone.com/pipermail/eap
> 
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap

Arhives: http://lists.
frascone.com/pipermail/eap
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )