On 8/9/20 12:58 PM, Joe Touch wrote:
In physical locks, the master is the common key. It doesn’t control the other keys.
In crypto, the master is the root or primary; others are child or derivatives. It doesn’t ‘control’ them either.
Most crypto texts and docs need to explain that because it’s not understood from the terms alone.
Who said anything about control? As has been pointed out to you already
on the list, there are different meanings to the word "master" and those
other meanings do not necessarily reflect a controlling relationship.
I haven't seen any crypto texts spend any time explaining how the "master
key" doesn't really control the other keys. Seriously, zero out of hundreds
that I've read. It's a term of art.
But then so is "master bathroom" and we have already seen the woke virus
infect the realty business.
Dan.
Joe
On Aug 9, 2020, at 12:50 PM, Dan Harkins <dharkins@xxxxxxxxxx> wrote:
On 8/9/20 12:23 PM, Joe Touch wrote:
On Aug 9, 2020, at 10:54 AM, Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote:
Really, asserting that "master secret"
is problematic is simply credibility-destroying.
Besides your concern, how does one secret actively control another?
Or is it just that there is one root key from which others are derived?
Ie why even bother defending a term that’s inaccurate to start?
It's not inaccurate.
In locksmithing a "master key" is one that opens all the doors while a
non-master key (which is not called a "slave key" by the way) only opens
the door it is milled for.
Analogously, in cryptology a key can be a "master key" if possession of
it can be used to decrypt all the different traffic flows and a non-master
key (which is also not called a "slave key") only decrypts the flow it
was generated for. It's a great term.
You can even get key hierarchies and the analogy holds. There could be
one key for all doors in the building and separate keys for all doors on
particular floors and then keys that are specific for particular doors.
Similarly you could have a key that could be used to decrypt all flows on
all cluster members, a separate key that could be used to decrypt all
flows on one cluster, and flow-specific keys that just decrypt one
individual flow on one cluster. It's a great term.
Asserting that use of "master key" or "master secret" is a problem or
that it somehow "discourages participation in the IETF" (which is what has
been asserted for this new category of Problematic Words) is absurd!
Dan.