RE: [HOKEY] EMSK Issue
"Narayanan, Vidya" <vidyan@qualcomm.com> Wed, 19 March 2008 00:29 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietfarch-ietf-archive@core3.amsl.com
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 06D2728C1E5; Tue, 18 Mar 2008 17:29:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.2
X-Spam-Level:
X-Spam-Status: No, score=-100.2 tagged_above=-999 required=5 tests=[AWL=-0.363, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_21=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wPdUGTG5AyqK; Tue, 18 Mar 2008 17:28:59 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2973B3A6A28; Tue, 18 Mar 2008 17:28:59 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9B37D3A68A3; Tue, 18 Mar 2008 17:28:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3kOITu8sK9iY; Tue, 18 Mar 2008 17:28:56 -0700 (PDT)
Received: from wolverine02.qualcomm.com (wolverine02.qualcomm.com [199.106.114.251]) by core3.amsl.com (Postfix) with ESMTP id 7284B3A690D; Tue, 18 Mar 2008 17:28:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=vidyan@qualcomm.com; q=dns/txt; s=qcdkim; t=1205886399; x=1237422399; h=x-mimeole:content-class:mime-version:content-type: content-transfer-encoding:subject:date:message-id: in-reply-to:x-ms-has-attach:x-ms-tnef-correlator: thread-topic:thread-index:references:from:to:cc: x-originalarrivaltime:x-ironport-av; z=X-MimeOLE:=20Produced=20By=20Microsoft=20Exchange=20V6.5 |Content-class:=20urn:content-classes:message |MIME-Version:=201.0|Content-Type:=20text/plain=3B=0D=0A =09charset=3D"us-ascii"|Content-Transfer-Encoding:=20quot ed-printable|Subject:=20RE:=20[HOKEY]=20EMSK=20Issue |Date:=20Tue,=2018=20Mar=202008=2017:26:35=20-0700 |Message-ID:=20<C24CB51D5AA800449982D9BCB90325130142DBF9@ NAEX13.na.qualcomm.com>|In-Reply-To:=20<A3DA4C2546E1614D8 ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com> |X-MS-Has-Attach:=20|X-MS-TNEF-Correlator:=20 |Thread-Topic:=20[HOKEY]=20EMSK=20Issue|Thread-Index:=20A ciIinAt9YhOZWe9Rru5XLPDygs6LwAf8axAABNa7jA=3D|References: =20<47DF04FC.4060706@cs.umd.edu>=20<A3DA4C2546E1614D8ACC8 96746CDCF29E7BF6E@aruba-mx1.arubanetworks.com>|From:=20"N arayanan,=20Vidya"=20<vidyan@qualcomm.com>|To:=20"Glen=20 Zorn"=20<gzorn@arubanetworks.com>,=0D=0A=20=20=20=20=20 =20=20=20"Charles=20Clancy"=20<clancy@cs.umd.edu>|Cc:=20< ietf@ietf.org>,=20<hokey@ietf.org>,=0D=0A=20=20=20=20=20 =20=20=20"Bernard=20Aboba"=20<bernarda@windows.microsoft. com>|X-OriginalArrivalTime:=2019=20Mar=202008=2000:26:35. 0927=20(UTC)=20FILETIME=3D[E3EE6270:01C88957] |X-IronPort-AV:=20E=3DMcAfee=3Bi=3D"5200,2160,5254"=3B=20 a=3D"1178185"; bh=Ap/4HugJc5EMyi/tQAWCtoA2g0GjQ3Y+LCf9Pzd+UlQ=; b=a1AAYbbZeybzXKQ8cCRraSRlOvnUXEz3k226dbQvHW01RGWYN6kLECya Ba2N/jnyrnE18ujwDOoujJ7eJ0bh5GjET2cnMOlTjuEji6MhKwQeRpj3V W9KfQSgAbigIhsbXJqsT05F0chvewfufD45qFpCcvgo64R6P6naSmzE4o E=;
X-IronPort-AV: E=McAfee;i="5200,2160,5254"; a="1178185"
Received: from pdmz-ns-mip.qualcomm.com (HELO numenor.qualcomm.com) ([199.106.114.10]) by wolverine02.qualcomm.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 18 Mar 2008 17:26:37 -0700
Received: from msgtransport02.qualcomm.com (msgtransport02.qualcomm.com [129.46.61.151]) by numenor.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id m2J0QatS019227 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 18 Mar 2008 17:26:36 -0700
Received: from sanexcas01.na.qualcomm.com (sanexcas01.qualcomm.com [172.30.36.175]) by msgtransport02.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id m2J0QZVV011750; Tue, 18 Mar 2008 17:26:36 -0700
Received: from NAEX13.na.qualcomm.com ([129.46.51.249]) by sanexcas01.na.qualcomm.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Mar 2008 17:26:35 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Subject: RE: [HOKEY] EMSK Issue
Date: Tue, 18 Mar 2008 17:26:35 -0700
Message-ID: <C24CB51D5AA800449982D9BCB90325130142DBF9@NAEX13.na.qualcomm.com>
In-Reply-To: <A3DA4C2546E1614D8ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [HOKEY] EMSK Issue
Thread-Index: AciIinAt9YhOZWe9Rru5XLPDygs6LwAf8axAABNa7jA=
References: <47DF04FC.4060706@cs.umd.edu> <A3DA4C2546E1614D8ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com>
From: "Narayanan, Vidya" <vidyan@qualcomm.com>
To: Glen Zorn <gzorn@arubanetworks.com>, Charles Clancy <clancy@cs.umd.edu>
X-OriginalArrivalTime: 19 Mar 2008 00:26:35.0927 (UTC) FILETIME=[E3EE6270:01C88957]
Cc: ietf@ietf.org, hokey@ietf.org, Bernard Aboba <bernarda@windows.microsoft.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
FWIW, I agree with Glen's take here. To avoid repeating myself, here are pointers to emails that I sent in response to this thread on the IETF list (for the benefit of those not on the list): http://www.ietf.org/mail-archive/web/ietf/current/msg50860.html http://www.ietf.org/mail-archive/web/ietf/current/msg50880.html - Vidya > -----Original Message----- > From: hokey-bounces@ietf.org [mailto:hokey-bounces@ietf.org] > On Behalf Of Glen Zorn > Sent: Tuesday, March 18, 2008 8:31 AM > To: Charles Clancy > Cc: ietf@ietf.org; hokey@ietf.org; Bernard Aboba > Subject: Re: [HOKEY] EMSK Issue > > Charles Clancy <> scribbled on : > > > HOKEY, > > > > From Bernard's "walled garden" LC comments, I've created > the following > > issue below in the issue tracker. > > Some of us don't subscribe to the IETF list (due to the > extremely poor S/N ratio). Someone did forward me Bernard's > original message & to me it appears to fall squarely into the > N category (either that or it is an early April 1 RFC > candidate). I understand, though, that it is actually > receiving serious discussion on the IETF list, so I'm happy > that you are bringing some of that discussion to this forum. > Of course, common courtesy would have required that the WG > the work of which is being disparaged in outrageous fashion > be included in the discussion but courtesy seems to be in > short supply. > > > > > http://www.ltsnet.net:8080/hokey/issue39 > > EMSK: applicability statement, scope > > > > The EMSK document, as-is, allows (or more precisely does not > > disallow) for broader use of keys than it should. > > That may be somebody's claim; however, RFC 3748 says: > > Extended Master Session Key (EMSK) > Additional keying material derived between the EAP client and > server that is exported by the EAP method. The EMSK is at least > 64 octets in length. The EMSK is not shared with the > authenticator or any other third party. The EMSK is > reserved for > future uses that are not defined yet. > > This doesn't appear to me to constrain the uses of the EMSK; > furthermore, since Bernard is not just one of the authors of > 3748 but also a co-Chair of the working group that published > it, it seems like the time & place to constrain the usage of > the EMSK would have been during the drafting of the RFC and > in the eap WG. > > > There could > > be interoperability issues if applications require > EAP-generated keys, > > breaking the layering of the Internet protocol stack. > > What does that mean? How can _keys_ cause layer violations? > > > > > Some sort of statement regarding applicability and scoping > of derived > > keys is necessary for this document. > > > > -- > > t. charles clancy, ph.d. eng.umd.edu/~tcc > > electrical & computer engineering, university of maryland > > _______________________________________________ > > HOKEY mailing list > > HOKEY@ietf.org > > https://www.ietf.org/mailman/listinfo/hokey > _______________________________________________ > HOKEY mailing list > HOKEY@ietf.org > https://www.ietf.org/mailman/listinfo/hokey > _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- RE: [HOKEY] EMSK Issue Glen Zorn
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Avi Lior
- Re: [HOKEY] EMSK Issue Brian E Carpenter
- RE: [HOKEY] EMSK Issue Glen Zorn
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Joseph Salowey (jsalowey)
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba