I like the last sentence. We need to allow future specs that derive keys from EMSK to define their own key authorization/lifetime policies.
However, given that EMSK is not exported, while MSK is and TSK are derived from MSK, then the last sentence is probably best inserted whenever EMSK is being described, not here.
Madjid
-----Original Message-----
From: Narayanan, Vidya [mailto:vidyan qualcomm.com]
Sent: Tuesday, May 02, 2006 1:00 AM
To: eap frascone.com
Subject: [eap] Issue: Child key expiry
Submitter name: Vidya Narayanan
Submitter email address: vidyan qualcomm.com
Date first submitted: 5/01/2006
Reference:
Document: Keying Framework
Comment type: 'T'echnical
Priority: '2' May fix
Section: 3.3
Rationale/Explanation of issue:
This section states "When keying material exported by EAP methods expires, all keying material derived from the exported keying material expires, including the TSKs." This seems to indicate that the keys derived from the EMSK will also be expired when the EMSK expires. It is not yet clear if this would apply to all kinds of keys derived from the EMSK. There may be classes of keys derived from the EMSK for which different lifetime guidelines apply. So, it may be good to clarify that the EMSK usage documents will specify the guidelines for EMSK-based child keys.
Requested change:
Change
"When keying material exported by EAP methods expires, all keying material derived from the exported keying material expires, including the TSKs."
to
"When keying material exported by EAP methods expires, all keying material derived from the exported keying material expires, including the TSKs. Note that different lifetime guidelines may be specified in future specifications for EMSK-based child keys."
_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/eap
Archives: http://lists.frascone.com/pipermail/eap