[Mipshop] Re: Review of draft-vidya-mipshop-handover-keys-aaa-00.txt




>  We could certainly define a way to provide a key both for MN and AR
>  during the network authentication phase.  EAP provides a way to create
>  a key for an application (AMSK) (Appendix A of our draft).
>  Thus we need to define a key specific for
>  FMIPv6 and a way for the EAP authenticator to push the keying material
>  to the appropriate AR (not defined in the current draft).
>
>  The problem that I can see is, after IP handover, how does the MN get a
>  new key? If we continue to rely on EAP, it will imply a
>  reauthentication from scratch.
>

One of two ways:

1) The MN has actually reauthenticated for network access from scratch in
order to establish its session key with the new AR/AP, and in the process
obtained a handover key. In 802.1x, that is, in fact, currently the only way
I believe, though the 802.11r WG is looking to change this.

2) The MN has performed preauthentication with a collection of AR/APs around
the current one, and so has a key already available.

            jak



_______________________________________________
Mipshop mailing list
Mipshop at ietf.org
https://www1.ietf.org/mailman/listinfo/mipshop



