Charles, > -----Original Message----- > From: Charles Clancy [mailto:clancy@xxxxxxxxxx] > Sent: Sunday, March 23, 2008 7:18 PM > To: Narayanan, Vidya > Cc: Glen Zorn; ietf@xxxxxxxx; hokey@xxxxxxxx; Bernard Aboba > Subject: Re: [HOKEY] EMSK Issue > > Vidya, > > > ... do the responsible thing, which would be to clearly > define the > applicability, along with providing an > interoperable means of defining > the key hierarchy for > those usages that want to/can use it. > > This is all I'm suggesting we do. I think we should add text > to the document that gives guidance on the types of usages > for which a USRK would be appropriate. Usages should be for > functions related to the access network to which you are > connecting, and for functions where it is reasonable for your > access network to have an interest in authorization. > How about the following text for applicability: "It must be noted that any application of EAP keying material to other usages such as handoffs, IP mobility or other applications is only feasible when those services are provided either by or through the provider handling network access. It is also only feasible when those usages only occur over EAP-capable interfaces. Hence, deriving USRKs or DSUSRKs for usages other than those facilitated by the network access provider is NOT RECOMMENDED." Thanks, Vidya _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf