RE: [HOKEY] Review of draft-gaonkar-radext-erp-attrs-02.txt

"Narayanan, Vidya" <vidyan@qualcomm.com> Fri, 11 January 2008 18:24 UTC

From: "Narayanan, Vidya" <vidyan@qualcomm.com>
To: Dan Harkins <dharkins@lounge.org>, "Dondeti, Lakshminath" <ldondeti@qualcomm.com>
Cc: hokey@ietf.org

Hi Dan,

> 
>   But this rRK business is from a different key hierarchy 
> defined in a different document, right? It's _below_ the 
> whole EMSK-USRK-DSRK-DSUSRK tree you drew above, right? So I 
> don't really see how that justifies all the cruft above it.
> 
>   regards,
> 
>   Dan.
> 

Perhaps this is the crux of the misunderstanding.  The rRK is a USRK.
The EMSK hierarchy document just generically defines how USRKs are
derived, since multiple usages could define their own root keys.  For
reauthentication purposes, rRK is defined and it is defined in the ERX
document.  

The DSRK is also a USRK - just a special case, where instead of a
"usage", it is meant for another domain outside the home domain.  The
DSUSRK is a USRK specific to that domain - so, an rRK specific to a
domain would belong there.  

So, we have: EMSK --> rRK for the home domain and EMSK --> DSRK --> rRK
for a visited domain.  

The latter hierarchy for a visited domain allows other usage keys for
the local domain to come out of the DSRK, just like other usage keys for
the home domain can come from the EMSK.  This allows the distribution of
one key at the time of authentication that may then be used for various
service keying needs within the domain.  If we derived an rRK and
distributed that out, then, for every local service, a key must be
requested from the home domain and this is not desirable.  

Hope that clarifies things and brings us closer to being on the same
page. 

Regards,
Vidya
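The two derivation paths Vidya describes (EMSK --> rRK for the home domain, EMSK --> DSRK --> rRK for a visited domain) as an added worked example; this is not code from the thread or from the drafts. It assumes the PRF+/HMAC-SHA-256 KDF and the `label | "\0" | optional data | length` seed layout of RFC 5295, and the label strings and 64-octet key length are assumptions taken from RFC 5295/5296 as recalled, not values stated in this message.

```python
import hmac
import hashlib

# Added illustration of the EMSK key hierarchy discussed in the thread.
# KDF is PRF+ over HMAC-SHA-256 in the style of RFC 5295; the labels and
# key length below are assumptions (recalled from RFC 5295/5296), not
# values taken from this message.
RRK_LABEL = b"EAP Re-authentication Root Key@ietf.org"  # assumed (RFC 5296)
DSRK_LABEL = b"dsrk@ietf.org"                           # assumed placeholder label
KEY_LEN = 64                                            # assumed output length, octets


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """PRF+: T1 = HMAC(K, S | 0x01), Ti = HMAC(K, Ti-1 | S | i), output = T1 | T2 | ..."""
    out = b""
    prev = b""
    counter = 1
    while len(out) < length:
        prev = hmac.new(key, prev + seed + bytes([counter]), hashlib.sha256).digest()
        out += prev
        counter += 1
    return out[:length]


def usrk(parent: bytes, label: bytes, optional_data: bytes, length: int) -> bytes:
    """Generic USRK derivation: KDF(parent, label | "\\0" | optional data | length)."""
    seed = label + b"\x00" + optional_data + length.to_bytes(2, "big")
    return prf_plus(parent, seed, length)


def derive_dsrk(emsk: bytes, domain: bytes) -> bytes:
    """DSRK: a USRK whose 'usage' is another domain; the domain name is the optional data."""
    return usrk(emsk, DSRK_LABEL, domain, KEY_LEN)


def derive_rrk(root: bytes) -> bytes:
    """rRK from either the EMSK (home domain) or a DSRK (visited domain)."""
    return usrk(root, RRK_LABEL, b"", KEY_LEN)


def home_and_visited_rrk(emsk: bytes, visited_domain: bytes):
    """EMSK --> rRK (home) and EMSK --> DSRK --> rRK (visited), as in the message."""
    home_rrk = derive_rrk(emsk)
    dsrk = derive_dsrk(emsk, visited_domain)
    visited_rrk = derive_rrk(dsrk)
    return home_rrk, dsrk, visited_rrk


if __name__ == "__main__":
    emsk = bytes(range(64))  # constructed sample EMSK, not a real key
    home, dsrk, visited = home_and_visited_rrk(emsk, b"visited.example")
    print(home.hex(), dsrk.hex(), visited.hex(), sep="\n")
```

The visited-domain rRK sits under the DSRK, so other local usage keys can be derived from the same DSRK without a round trip to the home domain, which is the point of the second path.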
