>
> Narayanan, Vidya wrote:
>
> > I don't think the keying framework document would
still
> discuss this.
> > I think there is consensus that the text about
EMSK will be in a
> > separate document. The issue was discussed in the
context
> of the EAP
> > keying framework, since there are parts of that
document that
> > specifically say that the EMSK MUST NOT be
transported and MUST be
> > deleted - question is whether we can change that
wording
> and leave any
> > other explanation on EMSK usage or AMSK derivation
to a future spec.
>
> What we intend to do, I think, is to set the high-level
> requirements for EMSK in the keying framework (e.g.,
MUST NOT
> be transported).
>
I think if we said MUST NOT be transported out of the
authentication
server to any other entity, without saying if it is the EAP
layer or AAA
layer, that might work. In light of all the discussion on
this topic
lately, I don't know that we can say anything more specific
yet.
Vidya
> But the derivation of AMSKs from the EMSK, and the
specific
> proposals for specific uses of the AMSKs in
applications need
> to be in other documents.
>
> In any case, I'm hoping that what we say in the keying
> framework document holds and does not have to be
changed in
> these other documents.
>
> --Jari
>
>
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|