On 8/9/20 12:23 PM, Joe Touch wrote:
On Aug 9, 2020, at 10:54 AM, Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote:
Really, asserting that "master secret"
is problematic is simply credibility-destroying.
Besides your concern, how does one secret actively control another?
Or is it just that there is one root key from which others are derived?
Ie why even bother defending a term that’s inaccurate to start?
It's not inaccurate.
In locksmithing a "master key" is one that opens all the doors while a
non-master key (which is not called a "slave key" by the way) only opens
the door it is milled for.
Analogously, in cryptology a key can be a "master key" if possession of
it can be used to decrypt all the different traffic flows and a non-master
key (which is also not called a "slave key") only decrypts the flow it
was generated for. It's a great term.
You can even get key hierarchies and the analogy holds. There could be
one key for all doors in the building and separate keys for all doors on
particular floors and then keys that are specific for particular doors.
Similarly you could have a key that could be used to decrypt all flows on
all cluster members, a separate key that could be used to decrypt all
flows on one cluster, and flow-specific keys that just decrypt one
individual flow on one cluster. It's a great term.
Asserting that use of "master key" or "master secret" is a problem or
that it somehow "discourages participation in the IETF" (which is what has
been asserted for this new category of Problematic Words) is absurd!
Dan.