Bernard, For what it is worth, this ex-EAP co-chair also thinks that the use of EAP keys for applications is a very bad idea. And I too am concerned about introducing walled gardens through this. Having said that, I think there are legitimate uses of EMSK in the area of network access, such as various fast handover proposals in EAP. My understanding is that HOKEY is working on this. So perhaps one potential direction for resolving your issues is to provide a much stricter IANA section and an applicability note. I realize that this does not prevent people from grabbing values. But I note that I know of one case at least where this has already happened, even without an IETF specification. Arguably the situation with a (sufficiently tight) spec might be better, because we can use the spec to explain what usage is inappropriate. I realize we have RFC 3748 already, but since use of EMSK has been an IETF topic for 5+ years, I think it would be reasonable to state what the final rules are on taking specific keys out of the EMSK. Disclaimer: I read the draft very quickly after your note, and have not done a full review. I will do a very in-depth review when this document comes to the IESG. Jari _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf