RE: [Emu] RE: [Hokeyp] USRK issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Emu] RE: [Hokeyp] USRK issue
Yes, SDOs are increasingly using AAA for variety of network security and
authorization management tasks and for the AAA server to act as a center of
authority, such flexibility is needed.
Madjid
-----Original Message-----
From: Ray Bell [mailto:ray at grid-net.com]
Sent: Thursday, November 30, 2006 3:47 PM
To: 'Madjid Nakhjiri'; 'Yoshihiro Ohba'
Cc: hokeyp at opendiameter.org; emu at ietf.org
Subject: RE: [Emu] RE: [Hokeyp] USRK issue
<snip>
Madjid>>I don't think cryptographic dependency necessarily translates into
life time dependency, especially if the authorization entity (AAA server) is
possibly different from the entity generating the key (EAP server). Yes, if
you need to rekey using a root key and the root key is now updated, you
should use the updated key, but I think that can be worked into the AAA
server-EAP server API. I am using this terminology, since we know EMSK is
not exported from EAP layer.
Ray >> SDO policy information models support this type of authorization
policy modeling, distribution and enforcement.
_______________________________________________
Emu mailing list
Emu at ietf.org
https://www1.ietf.org/mailman/listinfo/emu
_______________________________________________
Emu mailing list
Emu at ietf.org
https://www1.ietf.org/mailman/listinfo/emu
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
