In physical locks, the master is the common key. It doesn’t control the other keys. In crypto, the master is the root or primary; others are child or derivatives. It doesn’t ‘control’ them either. Most crypto texts and docs need to explain that because it’s not understood from the terms alone. Joe > On Aug 9, 2020, at 12:50 PM, Dan Harkins <dharkins@xxxxxxxxxx> wrote: > > > On 8/9/20 12:23 PM, Joe Touch wrote: >>>> On Aug 9, 2020, at 10:54 AM, Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote: >>> >>> Really, asserting that "master secret" >>> is problematic is simply credibility-destroying. >> Besides your concern, how does one secret actively control another? >> >> Or is it just that there is one root key from which others are derived? >> >> Ie why even bother defending a term that’s inaccurate to start? > > It's not inaccurate. > > In locksmithing a "master key" is one that opens all the doors while a > non-master key (which is not called a "slave key" by the way) only opens > the door it is milled for. > > Analogously, in cryptology a key can be a "master key" if possession of > it can be used to decrypt all the different traffic flows and a non-master > key (which is also not called a "slave key") only decrypts the flow it > was generated for. It's a great term. > > You can even get key hierarchies and the analogy holds. There could be > one key for all doors in the building and separate keys for all doors on > particular floors and then keys that are specific for particular doors. > Similarly you could have a key that could be used to decrypt all flows on > all cluster members, a separate key that could be used to decrypt all > flows on one cluster, and flow-specific keys that just decrypt one > individual flow on one cluster. It's a great term. > > Asserting that use of "master key" or "master secret" is a problem or > that it somehow "discourages participation in the IETF" (which is what has > been asserted for this new category of Problematic Words) is absurd! > > Dan. > >
