Jari,
> -----Original Message-----
> From: Jari Arkko [mailto:jari.arkko piuha.net]
> Sent: Friday, March 10, 2006 2:47 AM
> To: Salowey, Joe; Avi Lior; Narayanan, Vidya
> Cc: eapfrascone.com
> Subject: Re: [eap] Strawman -10/EMSK deletion
requirement?
>
> >
> >
> >>>Further, an EMSK MUST NOT be used to
generate more than
> one AMSK for
> >>>a given application.
> >>>
> >>>
> >>I am not sure that the above does not pose a
threat.
> >>Normally we would
> >>think that one Application would require one
AMSK. But
> since we are
> >>not defining what an application is -- and we
shouldn't IMO
> enter that
> >>rat hole. Then what if there was some
application that requires an
> >>two AMSKs.? Is there harm?
> >>
> >>
>
> This related originally to the EMSK deletion
requirement.
> There was an argument that the EMSK need to stay around
so
> that application X can keep on asking the 127th key
that it needs.
>
> Now that we seem to be saying that there is no strict
EMSK
> deletion requirement, this may be less urgent.
>
> However, I still think it is a good idea that
applications
> get just one AMSK, and if they need multiple keys they
> generate those themselves. And the definition of an
> application can be "an IANA registered label for
an AMSK
> needed for a specific purpose". Since the IANA
registrations
> won't have "handoff 1st key",
"handoff 2nd key" etc but
> rather "handoff key", then we satisfy this
model. But this is
> still mostly to keep the hierarchy structurally clean
and
> simple, not for any specific technical reason. (Other
than
> that it still allows early deletion of the EMSK better
than
> if we would base all keys on the EMSK.)
I agree.
>
> --Jari
>
>
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|