RE: [Emu] MSK but no EMSK

"Bernard Aboba" <bernard_aboba@hotmail.com> Sun, 19 November 2006 18:44 UTC

To: alper.yegin@yegin.org, hokeyp@opendiameter.org
Cc: emu@ietf.org

>I remember someone in Hokey WG meeting mentioned that not all methods
>generate EMSK (even though they generate MSK). Is that accurate?

The simple answer is "we don't know" because prior to RFC 3748, EAP Type 
Codes could be allocated without a specification.

However, for methods published as RFCs or in the RFC Editor Queue, we know 
the following:

a) None of the RFC 3748-specified EAP methods generate keys (EAP MD5, OTP, 
GTC).

b) All of the key generating EAP methods published as RFCs specify how to
derive the MSK and EMSK. This includes EAP TLS (RFC 2716), EAP SIM (RFC
4186), and EAP AKA (RFC 4817). The generation of the Session-Id, Peer-Id
and Server-Id is also specified for these methods in the Key Management
Framework document.

c) All of the key generating EAP methods currently in the RFC Editor queue 
specify how to derive both the MSK and EMSK.  This includes EAP PSK 
(draft-bersani-eap-psk-11.txt), EAP SAKE (draft-vanderveen-eap-sake-02.txt), 
EAP PAX (draft-clancy-eap-pax-11.txt), EAP POTP 
(draft-nystrom-eap-potp-07.txt).  None of these methods specify how to 
derive the Peer-Id, Server-Id and Session-Id (e.g. they are non-compliant 
with the EAP Key Management Framework).

d) Allocation of an EAP Type Code requires specification of the MSK, EMSK, 
and Session-Id and Peer-Id/Server-Id if known.


