RE: [HOKEY] EMSK Issue
Avi Lior <avi@bridgewatersystems.com> Tue, 18 March 2008 22:02 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietfarch-ietf-archive@core3.amsl.com
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C542F3A6F7D; Tue, 18 Mar 2008 15:02:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.053
X-Spam-Level:
X-Spam-Status: No, score=-100.053 tagged_above=-999 required=5 tests=[AWL=-0.216, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_21=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qddNRUcABnQt; Tue, 18 Mar 2008 15:02:09 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 859FC3A6F83; Tue, 18 Mar 2008 15:01:44 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9D3193A6F09; Tue, 18 Mar 2008 15:01:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GEQ+kAW7Q1MC; Tue, 18 Mar 2008 15:01:41 -0700 (PDT)
Received: from webmail.bridgewatersystems.com (webmail.bridgewatersystems.com [66.46.199.134]) by core3.amsl.com (Postfix) with ESMTP id 823423A69EA; Tue, 18 Mar 2008 15:01:39 -0700 (PDT)
Received: from exchange02.bridgewatersys.com ([192.168.150.32]) by exchange02.bridgewatersys.com ([192.168.150.32]) with mapi; Tue, 18 Mar 2008 17:59:22 -0400
From: Avi Lior <avi@bridgewatersystems.com>
To: Glen Zorn <gzorn@arubanetworks.com>, Charles Clancy <clancy@cs.umd.edu>
Date: Tue, 18 Mar 2008 17:59:22 -0400
Subject: RE: [HOKEY] EMSK Issue
Thread-Topic: [HOKEY] EMSK Issue
Thread-Index: AciIinAt9YhOZWe9Rru5XLPDygs6LwAf8axAAAyBj+A=
Message-ID: <8A8CFE8F89C38B41A749C19328C76D6301CFAA625A@exchange02.bridgewatersys.com>
References: <47DF04FC.4060706@cs.umd.edu> <A3DA4C2546E1614D8ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com>
In-Reply-To: <A3DA4C2546E1614D8ACC896746CDCF29E7BF6E@aruba-mx1.arubanetworks.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
MIME-Version: 1.0
Cc: "ietf@ietf.org" <ietf@ietf.org>, "hokey@ietf.org" <hokey@ietf.org>, Bernard Aboba <bernarda@windows.microsoft.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
I would prefer not to say anything at all. But that may not be realistic. I do understand Jari's concern that there *could* be some issues if no used correctly. I think the main objection as I understand it is that Network Access Authentication should be decoupled for Application Authentication. That is, if we use the EMSK derived from Network Access Authentication to derive keys for applications we are coupling the two authentications. This can be bad as Jari puts it because those applications that are coupled to one Network may not work when the user is connect to another network. I agree but not generally. That is, there are some applications for which coupling makes perfect sense. Applications that strictly run within the context of a Network Access session could benefit by having their application keys bootstrapped from EMSK. For example, Over-the-Air provisioning application and location based applications that are part of the network. Bootstrapping the keys from EMSK creates a single-sign-on and elliminates the need to have to provision keys for each of the applications and elliminates the need to run extra messaging to create session keys etc. Application like a web server may not be appropriate to have its keys derived from EMSK because these application are network agnostic. So we need to say something. But that something needs to indicate the issues so that SDOs understand when to use the EMSK thingy and when not to use it. I do not support making blanket statements such as Application MUST not derive their keys from EMSK. Also note that there are ways to use the EMSK even in the case of the Applications that are access network agnostic. And we should not block this scenario. > -----Original Message----- > From: hokey-bounces@ietf.org [mailto:hokey-bounces@ietf.org] > On Behalf Of Glen Zorn > Sent: Tuesday, March 18, 2008 11:31 AM > To: Charles Clancy > Cc: ietf@ietf.org; hokey@ietf.org; Bernard Aboba > Subject: Re: [HOKEY] EMSK Issue > > Charles Clancy <> scribbled on : > > > HOKEY, > > > > From Bernard's "walled garden" LC comments, I've created > the following > > issue below in the issue tracker. > > Some of us don't subscribe to the IETF list (due to the > extremely poor S/N ratio). Someone did forward me Bernard's > original message & to me it appears to fall squarely into the > N category (either that or it is an early April 1 RFC > candidate). I understand, though, that it is actually > receiving serious discussion on the IETF list, so I'm happy > that you are bringing some of that discussion to this forum. > Of course, common courtesy would have required that the WG > the work of which is being disparaged in outrageous fashion > be included in the discussion but courtesy seems to be in > short supply. > > > > > http://www.ltsnet.net:8080/hokey/issue39 > > EMSK: applicability statement, scope > > > > The EMSK document, as-is, allows (or more precisely does not > > disallow) for broader use of keys than it should. > > That may be somebody's claim; however, RFC 3748 says: > > Extended Master Session Key (EMSK) > Additional keying material derived between the EAP client and > server that is exported by the EAP method. The EMSK is at least > 64 octets in length. The EMSK is not shared with the > authenticator or any other third party. The EMSK is > reserved for > future uses that are not defined yet. > > This doesn't appear to me to constrain the uses of the EMSK; > furthermore, since Bernard is not just one of the authors of > 3748 but also a co-Chair of the working group that published > it, it seems like the time & place to constrain the usage of > the EMSK would have been during the drafting of the RFC and > in the eap WG. > > > There could > > be interoperability issues if applications require > EAP-generated keys, > > breaking the layering of the Internet protocol stack. > > What does that mean? How can _keys_ cause layer violations? > > > > > Some sort of statement regarding applicability and scoping > of derived > > keys is necessary for this document. > > > > -- > > t. charles clancy, ph.d. eng.umd.edu/~tcc > > electrical & computer engineering, university of maryland > > _______________________________________________ > > HOKEY mailing list > > HOKEY@ietf.org > > https://www.ietf.org/mailman/listinfo/hokey > _______________________________________________ > HOKEY mailing list > HOKEY@ietf.org > https://www.ietf.org/mailman/listinfo/hokey > _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- RE: [HOKEY] EMSK Issue Glen Zorn
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Avi Lior
- Re: [HOKEY] EMSK Issue Brian E Carpenter
- RE: [HOKEY] EMSK Issue Glen Zorn
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba
- RE: [HOKEY] EMSK Issue Narayanan, Vidya
- RE: [HOKEY] EMSK Issue Joseph Salowey (jsalowey)
- Re: [HOKEY] EMSK Issue Charles Clancy
- RE: [HOKEY] EMSK Issue Bernard Aboba