>
> >In the above, are you talking about an EMSK compromise after expiry
> >affecting any keys that may still be in use?
>
> If the EMSK expires and the session is still in progress,
> presumably the result is an EAP re-authentication which
> results in new child keys.
>
> >If so, I'm wondering how viable that is - basically, the point that I'm not
> >clear on is this - if the EMSK is used to derive any keys that are
> >handed out to other entities, depending on the purpose of the key, the
> >EAP server may really have no control over that lifetime.
>
> It can provide a maximum lifetime (Session-Timeout) to the
> authenticator, requesting EAP re-authentication to occur when
> the maximum lifetime expires.
>
> The distinction we're making here is between maximum lifetime
> (controlled by Session-Timeout) and deletion. If the EMSK is deleted on the
> peer or server, this doesn't cause child keys to be deleted.
> However, expiry of the maximum lifetime does result in new child keys.
>
Ok. The revised text for section 3.3 then looks good.
Vidya
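The lifetime-versus-deletion distinction in the exchange above, as an added example that is not part of this thread or of any EAP implementation: child keys derived from the EMSK and handed to other entities survive deletion of the EMSK on the peer, while reaching the maximum lifetime (Session-Timeout) forces re-authentication and so produces new child keys. The KDF is modelled on the USRK derivation of RFC 5295 (PRF+ over HMAC-SHA-256, seed = key label | 0x00 | optional data | length), which this thread does not cite, so treat that layout as an assumption; the EMSK values and the Session-Timeout are constructed, and `prf_plus`, `derive_usrk`, `EapSession` and `walkthrough` are names of my own.

```python
"""EMSK lifetime vs. deletion: child keys already handed to other entities
survive deletion of the EMSK, while expiry of the maximum lifetime
(Session-Timeout) forces EAP re-authentication and therefore new child keys."""
import hashlib
import hmac
import os


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """IKEv2-style PRF+ with HMAC-SHA-256, the default KDF of RFC 5295
    (assumed here; the thread does not cite it):
    T1 = PRF(K, S | 0x01), Tn = PRF(K, T(n-1) | S | n)."""
    out, prev, counter = b"", b"", 1
    while len(out) < length:
        prev = hmac.new(key, prev + seed + bytes([counter]), hashlib.sha256).digest()
        out += prev
        counter += 1
    return out[:length]


def derive_usrk(emsk: bytes, key_label: bytes, optional_data: bytes = b"",
                length: int = 64) -> bytes:
    """Child key: KDF(EMSK, key label | 0x00 | optional data | length),
    with length as a 2-octet big-endian integer (RFC 5295 layout, assumed)."""
    seed = key_label + b"\x00" + optional_data + length.to_bytes(2, "big")
    return prf_plus(emsk, seed, length)


class EapSession:
    """Peer-side key state: the EMSK with its maximum lifetime, plus the
    child keys already handed out to other entities (class name is my own)."""

    def __init__(self, session_timeout: int, now: float):
        self.session_timeout = session_timeout  # Session-Timeout from the server
        self.emsk = None
        self.started = None
        self.handed_out = {}  # key label -> child key some other entity now holds
        self.reauthenticate(now)

    def reauthenticate(self, now: float) -> None:
        # Constructed: a fresh EMSK as an EAP method run would export it.
        self.emsk = os.urandom(64)
        self.started = now

    def lifetime_expired(self, now: float) -> bool:
        return now - self.started >= self.session_timeout

    def hand_out(self, key_label: bytes, now: float) -> bytes:
        """Derive a child key for another entity. Past the maximum lifetime
        this triggers EAP re-authentication, so a new child key results."""
        if self.lifetime_expired(now):
            self.reauthenticate(now)
        if self.emsk is None:
            raise RuntimeError("EMSK deleted: no new child keys until re-authentication")
        key = derive_usrk(self.emsk, key_label)
        self.handed_out[key_label] = key
        return key

    def delete_emsk(self) -> None:
        """Deletion on the peer: the EMSK goes away; the child keys already
        handed out do not."""
        self.emsk = None


def walkthrough() -> dict:
    """Exercise the deletion path and the lifetime-expiry path; return what happened."""
    sess = EapSession(session_timeout=3600, now=0.0)
    k_before = sess.hand_out(b"example-app", now=10.0)
    sess.delete_emsk()
    survives_deletion = sess.handed_out[b"example-app"] == k_before
    try:
        sess.hand_out(b"another-app", now=20.0)  # still within lifetime, EMSK gone
        derivable_after_delete = True
    except RuntimeError:
        derivable_after_delete = False
    k_after = sess.hand_out(b"example-app", now=3600.0)  # lifetime hit -> re-auth
    return {
        "child_key_survives_deletion": survives_deletion,
        "new_child_keys_after_deletion": derivable_after_delete,
        "child_key_changes_after_timeout": k_after != k_before,
    }


if __name__ == "__main__":
    for name, value in walkthrough().items():
        print(f"{name}: {value}")
```

The point to take from running it: deletion of the EMSK only stops further derivations; it does not reach keys that other entities already hold, which is why the server's only handle on those keys is the maximum lifetime it sets through Session-Timeout.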
_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/eap
Archives: http://lists.frascone.com/pipermail/eap