Re: [secdir] Secdir review of draft-ohba-pana-pemk-03

Yoshihiro Ohba <> Fri, 08 January 2010 07:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DF5BF3A67D3; Thu, 7 Jan 2010 23:36:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.089
X-Spam-Status: No, score=-4.089 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id U8O2NGOnfh3j; Thu, 7 Jan 2010 23:36:23 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 5F2C13A63EB; Thu, 7 Jan 2010 23:36:23 -0800 (PST)
Received: from ([]) by with ESMTP id o087aJiT026054; Fri, 8 Jan 2010 16:36:19 +0900 (JST)
Received: (from root@localhost) by id o087aJsK018208; Fri, 8 Jan 2010 16:36:19 +0900 (JST)
Received: from [] by with ESMTP id SAA18194; Fri, 8 Jan 2010 16:36:19 +0900
Received: from (localhost []) by with ESMTP id o087aHNF017107; Fri, 8 Jan 2010 16:36:18 +0900 (JST)
Received: from by id o087aErQ018097; Fri, 8 Jan 2010 16:36:16 +0900 (JST)
Received: from [] by (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTPA id <>; Fri, 08 Jan 2010 16:36:15 +0900 (JST)
Date: Fri, 08 Jan 2010 16:36:13 +0900
From: Yoshihiro Ohba <>
In-reply-to: <>
To: Russ Mundy <>
Message-id: <>
MIME-version: 1.0
Content-type: text/plain; charset=UTF-8; format=flowed
Content-transfer-encoding: 7bit
References: <>
User-Agent: Thunderbird (Windows/20090812)
X-Mailman-Approved-At: Fri, 08 Jan 2010 00:22:14 -0800
Subject: Re: [secdir] Secdir review of draft-ohba-pana-pemk-03
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 08 Jan 2010 07:36:25 -0000

Thank you for your review of the draft.  Please see my 
response below.

Russ Mundy wrote:
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
> * There are some sections where additional information would make the
>   document more clear and complete:
> ** Section 1. I suggest including Figure 1 from RFC5193 between the
>    first and second paragraphs of this section to illustrate the
>    relationship of the components being described.  (Although a
>    reference to the figure might be sufficient, 5193 is Informational
>    so including the diagram would avoid a potentially normative
>    reference.)


> ** Section 2.4 defines the lifetime of the PEMK with respect to the
>    MSK.  I believe this means the lifetime of the exact MSK from which
>    the particular PEMK is derived.  If this is the intent, I suggest
>    adding the following to the end of the current sentence: "from
>    which it is derived."


> ** Since the PEMK does have a specified lifetime, it seems as though
>    there should be some information provided about what occurs at the
>    end of that lifetime.  If this information is in other related
>    specifications then these should be referenced.  

To address this issue, we have added the following text: "At 
the end of the lifetime, the PEMK and its associated states 
MUST be deleted."

> ** Similarly, since the PEMK is defined to be a pre-shared key,
>    providing information (or reference(s)) to what protocols are
>    required to put the PEMK in place would make the specification more
>    clear (is the EAP security mechanism required to provide for
>    this?).

We provide a guideline for distributing PEMK from PAA to EP 
in Section 3.2.  There was a fair amount of discussion in 
the PANA WG, and AFAIK it was decided not to specify a 
specific key distribution protocol in this document.

> * Some terminology does not seem consistent with other referenced
>   specifications:
> ** Although the Master Session Key (MSK) provides the basis for the
>    PEMK, there is no definition of MSK in this specification and the
>    terminology sections of RFCs referenced in the introduction
>    (RFC3748 and RFC5191) have different definitions for MSK in their
>    terminology sections.

Yes, the two documents do not use the same text for MSK 
definition, but they mean the same key and this should not 
be a problem.  We will follow your below suggestion of use 
of more terms from RFFC 5191.

> ** Making Use of more terminology from RFC5191 would make it easier to
>    relate this specification to related RFCs.  For instance, use of
>    "PANA Session", "Session Lifetime" and "PANA Security Association
>    (PANA SA)" in Sections 2.2, 2.3 & 2.4 might make the sections more
>    clear.  


>It also appears that the Key Name of PEMK (section 2.1)
>    should have some relationship to a "PANA Session" or "Session
>    Identifier" but it's not clear if or what relationship is
>    intended.  The specification should state the relationship (or
>    absence of a relationship) or implementers will make different
>    (probably incompatible) choices in their implementations.

Session identifier is included in the key name as SID.  We 
added the following sentence to address your comment.

"Inclusion of the EPID, SID and KID provides uniqueness of 
PEMK names among multiple PaC-EP pairs under a given PAA."

> ** To make the scope more clear, I would suggest changing the first
>    sentence of section 2.2 to read: "One PEMK is used between one PaC
>    and one EP."


> I would suggest adding a terminology section to this specification
> that referenced the terminology sections of RFC3748 and RFC5191 since
> they are both standards track documents.

Terminology section has been added.  All reused terms are 
from RFC5191 now.

Those changes are incorporated in to version 04, together 
with the changes based on Pasi and Alexey's comments.

Thank you,
Yoshihiro Ohba

> Regards,
> Russ Mundy