> Actually I think it's a little more technical than editorial. This > problem is due to the fact that HOKEY is extracting a key derived from > the EMSK and making that "The Mother Of All Root Keys" (MOARK), which > can be used to derive all keys for all purposes to solve all problems in > the world. > > The document can be fixed by removing the MOARK from the draft and > having HOKEY define a _HOKEY-specific_ key derived from the EMSK. That > HOKEY-specific key is used for HOKEY and HOKEY only. If some other key > usage is needed then it can define another way to extract it's needed > keying material from the EMSK, and hopefully that process would be done > in the IETF (at least the chances are greater that it would be done in > the IETF if it's based on the EMSK and not the MOARK). > > This has the added benefit of simplifying the key hierarchy. I agree that the MOARK approach should be discarded, since its only use is to circumvent the EAP applicability statement in RFC 3748. HOKEY WG was chartered to solve the EAP handoff problem, not to create a new security architecture for the Internet based on link layer security. _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf