Re: [HOKEY] REMINDER: WGLC on draft-ietf-hokey-erp-aak-04

Qin Wu <bill.wu@huawei.com> Mon, 29 August 2011 08:07 UTC

Date: Mon, 29 Aug 2011 16:07:56 +0800
From: Qin Wu <bill.wu@huawei.com>
To: Glen Zorn <glenzorn@gmail.com>, Zhen Cao <zehn.cao@gmail.com>
Message-id: <A4EE812511C7430391A7CCDF35528337@china.huawei.com>
Cc: hokey@ietf.org
Subject: Re: [HOKEY] REMINDER: WGLC on draft-ietf-hokey-erp-aak-04

Hi,
Sorry to chime in.
----- Original Message ----- 
From: "Glen Zorn" <glenzorn@gmail.com>
To: "Zhen Cao" <zehn.cao@gmail.com>
Cc: <hokey@ietf.org>
Sent: Tuesday, August 23, 2011 3:37 PM
Subject: Re: [HOKEY] REMINDER: WGLC on draft-ietf-hokey-erp-aak-04


> On 8/23/2011 12:18 PM, Zhen Cao wrote:
> 
>> Thank you, Andy, See inline.
>> 
>> On Tue, Aug 9, 2011 at 5:16 PM, andy L <pop.andrew@gmail.com> wrote:
>>> first of all, I have read, it is fine.
>>> still I have some comments
>>> 1 since it is said in Chapter 3 /*This document only discusses the case of
>>> distributing the key to a single CAP.*/ the statement like /*To avoid the
>>> same pre-established Master Session Key (pMSK) being derived for multiple
>>> CAPs, the sequence number MUST be unique for each CAP.*/ is not so
>>> necessary.
> 
> Is that true?  The document only discusses deriving the key for one CAP _at a
> time_; do you really think it's OK for the same key to be used with the
> next CAP in a series of moves??

[Qin]: My answer to your last question above is "No". I think it is not harmful to allow the key to be distributed to multiple CAs when the client doesn't really know where to move.
However, if the client already knows which is the next CA he is going to attach to, I think the case of distributing the key to a single CAP should apply here.
Does my clarification make sense to you?

> ...