Hi all, the hokey charter under 3) seems to be clearly based on the current RFC 3748 text (mandating EMSK generation). So one effort is to think about the hierarchy below EMSK (and not whether EMSK is there at all), take into account existing uses of EMSK etc., right? Possibly, another effort may focus on 'legacy methods' not (or not fully) describing EMSK generation (i.e. not compliant to 3748).
The remainder are implementations that - although the method spec specifies how EMSK generation happens - do not implement this. I would expect this to be out-of-scope for standardization. Dirk -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Michael Ye Gesendet: Freitag, 17. November 2006 04:45 An: 'Blumenthal, Uri'; [EMAIL PROTECTED]; [email protected] Betreff: Re: [Hokeyp] [Emu] Re: MSK but no EMSK The discussion focuses on the problem EMSK is optional or mandatory. RFC3578 defined EMSK is mandatory, but it is not used at all. If EMSK must be used, it is mandatory . if no, I think, it may be better that it is optional. If EMSK is necessary for some "applications" in the future, we may still use it by option. If RFC3578 don't be taken into account , I prefer to that it is optional. Michael > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Blumenthal, Uri > Sent: Friday, November 17, 2006 10:58 AM > To: [EMAIL PROTECTED]; [email protected] > Subject: Re: [Hokeyp] [Emu] Re: MSK but no EMSK > > I happen to agree with Vidya on this. > > It is not optional for new EAP methods to produce EMSK. > Whether EMSK gets used or not is totally besides the point. > (If we can conceive that EMSK would serve a need in some > distant future - we have to enforce its generation now. And > it is required by RFC 3748 :-) > > What to do with the existing _old_ methods that aren't > compliant - I leave it for the group to decide. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Narayanan, Vidya > Sent: Thursday, November 16, 2006 9:35 PM > To: Bernard Aboba; [EMAIL PROTECTED]; [email protected] > Subject: Re: [Hokeyp] [Emu] Re: MSK but no EMSK > > > > > It's worth keeping in mind that there are very few existing RFC > > 3748-compliant EAP implementations. So most existing EAP method > > implementations do not generate an EMSK, and most existing EAP > > implementations would not do anything with the EMSK if it > were to be > > generated. > > > > Well, the question is this - is the requirement to > interoperate with existing standards or existing > implementations? Given that we have a spec that says what it > does, it seems to make sense to interoperate with that. If we > are going by existing implementations, there is probably more > than one flavor and then there is the question of when the > MSK is directly delivered to the authenticator and when it > isn't and how the peer knows that. > > In this case, I tend to agree with Charles that it is better > to have to fix non-compliant implementations than try to > design around them. Also, if we choose to ignore the standard > and use the implementations that don't produce an EMSK as a > data point, the standard doesn't seem to be serving a purpose > then - perhaps, we should then consider revising > RFC3748 to reflect what we want to use as a starting point > for requirements? > > Vidya > _______________________________________________ > Hokeyp mailing list > [EMAIL PROTECTED] > http://www.opendiameter.org/mailman/listinfo/hokeyp > _______________________________________________ > Hokeyp mailing list > [EMAIL PROTECTED] > http://www.opendiameter.org/mailman/listinfo/hokeyp > _______________________________________________ Hokeyp mailing list [EMAIL PROTECTED] http://www.opendiameter.org/mailman/listinfo/hokeyp _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
