Vidya said:
"It is a yet-to-be-defined thing and the computation is only done by the EAP server and peer - could we just not pick a KDF and mandate it?"
One problem is that the KDF currently suggested for use in computing AMSKs is based on SHA-1, which NIST has suggested will be deprecated by 2010. Given the movement of the US and other governments toward the deployment of EAP-based access control, it is important that FIPS-certifiable EAP-based solutions continue to be available going forward.

Without the possibility of negotiation, the adoption of a soon-to-be-deprecated KDF implies that EAP itself will be deprecated by 2010. As has been noted by others, existing EAP methods do not negotiate KDFs either for their own use or for use in AMSK generation, and adding this feature to existing or even new methods would be very difficult. For example, TLS (on which many EAP methods are based) does not yet support KDF negotiation for its own use, let alone for use in AMSK generation.

These problems largely evaporate if AMSKs are generated by the lower layer, since the lower layer can then negotiate the appropriate KDF for their generation. No changes would be required for existing or new EAP methods. No changes would be required to RFC 4137.
_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/eap
Archives: http://lists.frascone.com/pipermail/eap
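The message above argues that the layer generating AMSKs should be the one that negotiates the KDF, so that a SHA-1-based construction can be replaced without touching the EAP methods. The following is an added illustration of that idea, written for this page and not taken from the mailing-list thread or from any EAP specification: a hash-parameterised HMAC counter-mode expansion (PRF+ style) plus a small negotiation step in which each side offers a preference list and a deployment policy refuses a deprecated hash. The seed layout (label, NUL, optional data, length), the hash lists and the policy set are all assumptions chosen for the example, not the layout or algorithm of any draft.

```python
import hmac
from typing import Iterable, Optional

# Preference-ordered hash names a side would accept for KDF computation.
# Constructed for this example; strongest-preferred first.
SUPPORTED_HASHES = ("sha256", "sha384", "sha1")

# Deployment policy: hashes a FIPS-oriented deployment no longer accepts.
# Constructed for this example.
DEPRECATED_HASHES = frozenset({"sha1"})


def negotiate_kdf_hash(local: Iterable[str], peer: Iterable[str],
                       allow_deprecated: bool = False) -> Optional[str]:
    """Return the first hash in local preference order that the peer also
    offers and that policy permits, or None if no acceptable common hash
    exists. Rejecting a deprecated hash here is the negotiation hook the
    e-mail wants the lower layer to provide."""
    peer_set = {h.lower() for h in peer}
    for name in local:
        name = name.lower()
        if name not in peer_set:
            continue
        if name in DEPRECATED_HASHES and not allow_deprecated:
            continue
        return name
    return None


def prf_plus(key: bytes, seed: bytes, length: int, hash_name: str) -> bytes:
    """HMAC counter-mode expansion: T1 = HMAC(K, S | 0x01),
    Tn = HMAC(K, T(n-1) | S | n). The hash is a parameter, so a single
    implementation serves every negotiated choice."""
    if length <= 0:
        raise ValueError("length must be positive")
    out = b""
    prev = b""
    counter = 1
    while len(out) < length:
        if counter > 255:
            raise ValueError("requested length exceeds one-byte counter range")
        prev = hmac.new(key, prev + seed + bytes([counter]), hash_name).digest()
        out += prev
        counter += 1
    return out[:length]


def derive_amsk(emsk: bytes, key_label: bytes, optional_data: bytes,
                length: int, hash_name: str) -> bytes:
    """Derive a child key of the EMSK. The seed layout
    (label | 0x00 | optional data | 2-byte length) is an assumption of
    this example, not a specification's layout."""
    seed = key_label + b"\x00" + optional_data + length.to_bytes(2, "big")
    return prf_plus(emsk, seed, length, hash_name)


if __name__ == "__main__":
    # Constructed sample input: a 64-byte EMSK and two offer lists.
    emsk = bytes(range(64))
    chosen = negotiate_kdf_hash(SUPPORTED_HASHES, ("sha1", "sha256"))
    print("negotiated hash:", chosen)
    print(derive_amsk(emsk, b"example@lowerlayer", b"", 64, chosen).hex())
```

With both sides offering SHA-1 and SHA-256, the negotiation settles on SHA-256 and the EAP method is never consulted; only when the caller explicitly passes allow_deprecated=True can SHA-1 be selected, and if the peer offers nothing else the result is None rather than a silently weakened key.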