[Pana] "PRF key" in RFC 5191 Section 8.5

Yoshihiro Ohba <yoshihiro.ohba@toshiba.co.jp> Mon, 21 January 2013 01:27 UTC

I got a question from my colleague about the meaning of "PRF key" in the
following text in Section 8.5:

"
1. The PaC and the PAA each are likely to be able to compute a
random nonce (according to [RFC4086]). The length of the nonce
has to be 1/2 the length of the PRF key (e.g., 10 octets in the
case of HMAC-SHA1).

2. The PaC and the PAA each are not trusted with regard to the
computation of a random nonce (according to [RFC4086]). The
length of the nonce has to have the full length of the PRF key
(e.g., 20 octets in the case of HMAC-SHA1).
"

As far as I remember, "PRF key" means "output block of the negotiated
pseudo-random function used in prf+". So HMAC-SHA1 is prf, the output
block length is 20 octets.

Please let me know if you interpret "PRF key" in the above text in other
ways.

Best Regards,
Yoshihiro Ohba
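
The length rule as read in the message above, as an added example that is not part of the original post or of RFC 5191. It assumes "PRF key" means the PRF output block length and uses the IKEv2 definition of prf+; the function names, the key and the seed layout are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# HMAC-based PRFs by name; digest_size is the output block length in octets.
PRFS = {"HMAC-SHA1": hashlib.sha1, "HMAC-SHA256": hashlib.sha256}


def prf_block_len(prf_name):
    """Output block length (octets) of the named PRF."""
    return PRFS[prf_name]().digest_size


def nonce_len(prf_name, trusted_rng):
    """Nonce length under the interpretation in the message:
    case 1 (peers can produce RFC 4086 randomness): half the block,
    case 2 (peers not trusted to do so): the full block."""
    block = prf_block_len(prf_name)
    return block // 2 if trusted_rng else block


def make_nonce(prf_name, trusted_rng):
    """Draw a nonce of the required length from the OS CSPRNG."""
    return secrets.token_bytes(nonce_len(prf_name, trusted_rng))


def prf_plus(prf_name, key, seed, out_len):
    """IKEv2 prf+: T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n)."""
    block = prf_block_len(prf_name)
    if out_len > 255 * block:
        raise ValueError("prf+ is not defined beyond 255 output blocks")
    out, t, counter = b"", b"", 1
    while len(out) < out_len:
        t = hmac.new(key, t + seed + bytes([counter]), PRFS[prf_name]).digest()
        out += t
        counter += 1
    return out[:out_len]


if __name__ == "__main__":
    key = bytes(range(32))  # constructed key, stands in for the shared secret
    for name in PRFS:
        for trusted in (True, False):
            print(name, "trusted RNG" if trusted else "untrusted RNG",
                  "-> nonce octets:", nonce_len(name, trusted))
    # Constructed seed layout: the two peers' nonces concatenated.
    seed = make_nonce("HMAC-SHA1", True) + make_nonce("HMAC-SHA1", True)
    print("prf+ output:", prf_plus("HMAC-SHA1", key, seed, 40).hex())
```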