Re: [HOKEY] EMSK Issue
Charles Clancy <clancy@cs.umd.edu> Mon, 24 March 2008 02:20 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietfarch-ietf-archive@core3.amsl.com
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 18F983A6EA5; Sun, 23 Mar 2008 19:20:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.991
X-Spam-Level:
X-Spam-Status: No, score=-99.991 tagged_above=-999 required=5 tests=[AWL=-0.154, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_21=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yndQSPAikK8n; Sun, 23 Mar 2008 19:20:30 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3762A3A6E6E; Sun, 23 Mar 2008 19:20:28 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 714273A6E60; Sun, 23 Mar 2008 19:20:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4aabbcwGz4LT; Sun, 23 Mar 2008 19:20:25 -0700 (PDT)
Received: from bacon.cs.umd.edu (server-nat-2.cs.umd.edu [128.8.127.145]) by core3.amsl.com (Postfix) with ESMTP id D78993A6E5D; Sun, 23 Mar 2008 19:20:04 -0700 (PDT)
Received: from [127.0.0.1] (pool-71-179-91-146.bltmmd.fios.verizon.net [71.179.91.146]) (authenticated bits=0) by bacon.cs.umd.edu (8.13.1/8.12.5) with ESMTP id m2O2HeEZ003853 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 23 Mar 2008 22:17:41 -0400
Message-ID: <47E70F45.2020106@cs.umd.edu>
Date: Sun, 23 Mar 2008 22:17:41 -0400
From: Charles Clancy <clancy@cs.umd.edu>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
MIME-Version: 1.0
To: "Narayanan, Vidya" <vidyan@qualcomm.com>
Subject: Re: [HOKEY] EMSK Issue
References: <47DF04FC.4060706@cs.umd.edu> <A3DA4C2546E1614D8ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com> <C24CB51D5AA800449982D9BCB90325130142DBF9@NAEX13.na.qualcomm.com>
In-Reply-To: <C24CB51D5AA800449982D9BCB90325130142DBF9@NAEX13.na.qualcomm.com>
X-CSD-MailScanner-Information: Please email staff@cs.umd.edu for more information
X-CSD-MailScanner: Found to be clean
X-CSD-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-4.399, required 5, autolearn=not spam, ALL_TRUSTED -1.80, BAYES_00 -2.60)
X-CSD-MailScanner-From: clancy@cs.umd.edu
Cc: Glen Zorn <gzorn@arubanetworks.com>, ietf@ietf.org, hokey@ietf.org, Bernard Aboba <bernarda@windows.microsoft.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Vidya, > ... do the responsible thing, which would be to clearly define the > applicability, along with providing an interoperable means of defining > the key hierarchy for those usages that want to/can use it. This is all I'm suggesting we do. I think we should add text to the document that gives guidance on the types of usages for which a USRK would be appropriate. Usages should be for functions related to the access network to which you are connecting, and for functions where it is reasonable for your access network to have an interest in authorization. For example, consider using a USRK to secure HTTP. If your access provider did this to deliver firmware updates to your handset, this might be reasonable, but if amazon.com required it for authentication, this would be unreasonable. Even if amazon.com had an agreement with your provider to obtain a USRK for your session, that's not the kind of thing for which your provider should be the authorization authority. -- t. charles clancy, ph.d. eng.umd.edu/~tcc electrical & computer engineering, university of maryland _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- RE: [HOKEY] EMSK Issue Glen Zorn
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Avi Lior
- Re: [HOKEY] EMSK Issue Brian E Carpenter
- RE: [HOKEY] EMSK Issue Glen Zorn
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Joseph Salowey (jsalowey)
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba