Hi Pasi,

Thanks for your response.

On Tue, Mar 25, 2008 at 10:04:00AM +0200, Pasi.Eronen@xxxxxxxxx wrote:
> Yoshihiro Ohba wrote:
>
> > I think Vidya has a good point.
> >
> > My opinion is that bootstrapping protocols from long-term
> > credentials used for network access authentication is not such a bad
> > idea, but we just do not know yet the best way to realize it:
> >
> > http://user.informatik.uni-goettingen.de/~mobiarch/2007/slides
> > /mobiarch07-panel-YoshiroOhba.pdf
>
> Such a bootstrapping or "single sign-on" protocol could (and IMHO
> should) still be independent of the link it's run over (i.e., it
> would work over any IP network).

I agree that a "single sign-on" protocol should work over any IP network.

> BTW, 3GPP and 3GPP2 already have one such "single sign-on" protocol,
> which uses the same long-term credential you'd usually use for network
> access authentication to set up short-term "security associations" for
> higher layer protocols (but it runs over any IP network, so it works
> even if, e.g., your current access network did not require any
> authentication). It's called "Generic Bootstrapping Architecture"
> or GBA.

Yes, I know GBA. My understanding is that GBA is based on AKA, but your
comment below seems to indicate that GBA has extensibility, which is good.

> (GBA design also allows adding new types of credentials between the
> client and the "key distribution center" (BSF) without impacting other
> elements of the system. You could, e.g., add support for EAP here in a
> way that would be independent of the link layer currently being used.
> So far, 3GPP/3GPP2 have not needed this, but if GBA ends up being used
> in other systems as well, it could be useful.)

This is quite interesting.

On the other hand, I believe that bootstrapping applications is not just
key creation; additional groundwork would be needed for secure key
distribution to make GBA or any other potential "single sign-on" approach
truly access-technology independent.

(BTW, as you may know, HOKEY WG is now discussing removal of the peer
consent property from DSRK (or rRK) distribution in the name of
optimization and simplicity, but from a security perspective it is just a
retrograde step against the future direction, IMO.)

Kind Regards,
Yoshihiro Ohba

> Best regards,
> Pasi

_______________________________________________
IETF mailing list
IETF@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
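The GBA exchange Pasi describes above, as an added illustration that is not part of the thread and not 3GPP or IETF code: a small Python model of the GBA key hierarchy from 3GPP TS 33.220, in which Ks = CK || IK comes out of the AKA run over Ub, and each application server (NAF) receives only Ks_NAF = KDF(Ks, "gba-me", RAND, IMPI, NAF_Id) over Zn, computed with the Annex B HMAC-SHA-256 KDF (S = FC || P0 || L0 || P1 || L1 || ...). The AKA run itself is not modelled (CK and IK are fed in directly), and the CK/IK/RAND values, the IMPI, the B-TID, the NAF FQDNs and the 5-octet Ua protocol identifier are all constructed sample values. The point the model makes concrete is the one in the quoted text: the NAF never touches the long-term credential or Ks, so changing the UE-to-BSF leg (e.g. to EAP) would leave the NAF side untouched.

```python
"""Added model of the GBA key hierarchy (3GPP TS 33.220): one long-term
AKA credential bootstraps a per-application key Ks_NAF, and the
application server (NAF) never sees Ks or the long-term secret."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional


def gba_kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """3GPP generic KDF (TS 33.220 Annex B): HMAC-SHA-256(Key, S) where
    S = FC || P0 || L0 || P1 || L1 || ..., Li = 2-octet length of Pi."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_ks_naf(ks: bytes, rand: bytes, impi: str, naf_fqdn: str,
                  ua_proto_id: bytes) -> bytes:
    """Ks_NAF = KDF(Ks, "gba-me", RAND, IMPI, NAF_Id), NAF_Id = FQDN || Ua id.
    Binding NAF_Id into the derivation gives every NAF an unrelated key."""
    naf_id = naf_fqdn.encode() + ua_proto_id
    return gba_kdf(ks, 0x01, b"gba-me", rand, impi.encode(), naf_id)


@dataclass
class BootstrapState:
    """State the UE and the BSF share after the Ub run (HTTP Digest AKA)."""
    btid: str
    ks: bytes      # CK || IK from AKA; never leaves the UE or the BSF
    rand: bytes
    impi: str


class BSF:
    """Bootstrapping Server Function: the 'key distribution center'."""
    def __init__(self) -> None:
        self._sessions: Dict[str, BootstrapState] = {}

    def ub_bootstrap(self, impi: str, ck: bytes, ik: bytes,
                     rand: bytes, btid: str) -> None:
        # The AKA exchange is taken as already done: CK/IK are inputs here.
        self._sessions[btid] = BootstrapState(btid, ck + ik, rand, impi)

    def zn_fetch(self, btid: str, naf_fqdn: str,
                 ua_proto_id: bytes) -> Optional[bytes]:
        # Zn: the NAF presents the B-TID and its own NAF_Id; the BSF hands
        # back only Ks_NAF, so a NAF can never derive another NAF's key.
        st = self._sessions.get(btid)
        if st is None:
            return None
        return derive_ks_naf(st.ks, st.rand, st.impi, naf_fqdn, ua_proto_id)


class UE:
    def __init__(self, state: BootstrapState) -> None:
        self.state = state

    def ua_request(self, naf_fqdn: str, ua_proto_id: bytes,
                   payload: bytes) -> tuple:
        """Ua: send the B-TID and a MAC over the payload under Ks_NAF."""
        k = derive_ks_naf(self.state.ks, self.state.rand, self.state.impi,
                          naf_fqdn, ua_proto_id)
        return self.state.btid, payload, hmac.new(k, payload, hashlib.sha256).digest()


class NAF:
    def __init__(self, fqdn: str, ua_proto_id: bytes, bsf: BSF) -> None:
        self.fqdn, self.ua_proto_id, self.bsf = fqdn, ua_proto_id, bsf

    def verify(self, btid: str, payload: bytes, tag: bytes) -> bool:
        k = self.bsf.zn_fetch(btid, self.fqdn, self.ua_proto_id)
        if k is None:
            return False
        return hmac.compare_digest(tag, hmac.new(k, payload, hashlib.sha256).digest())


def run_demo() -> dict:
    # All values below are constructed sample inputs, not real AKA output.
    ck, ik = bytes(range(16)), bytes(range(16, 32))
    rand = bytes.fromhex("00112233445566778899aabbccddeeff")
    impi, btid = "user@example.org", "btid-0001@bsf.example.org"
    ua_id = b"\x01\x00\x00\x00\x02"   # constructed Ua protocol identifier

    bsf = BSF()
    bsf.ub_bootstrap(impi, ck, ik, rand, btid)
    ue = UE(BootstrapState(btid, ck + ik, rand, impi))
    naf_a = NAF("app-a.example.org", ua_id, bsf)
    naf_b = NAF("app-b.example.org", ua_id, bsf)

    req = ue.ua_request(naf_a.fqdn, ua_id, b"GET /resource")
    return {
        "naf_a_accepts": naf_a.verify(*req),
        "naf_b_rejects": not naf_b.verify(*req),   # key is bound to NAF_Id
        "unknown_btid": naf_a.verify("btid-nope", b"x", b"y"),
        "ks_naf_a": bsf.zn_fetch(btid, naf_a.fqdn, ua_id),
        "ks_naf_b": bsf.zn_fetch(btid, naf_b.fqdn, ua_id),
    }
```

Running `run_demo()` shows NAF A accepting the request, NAF B rejecting the very same B-TID and MAC because its Ks_NAF is different, and an unknown B-TID being refused outright; the only party ever holding Ks is the BSF and the UE, which is why the UE-to-BSF credential type can change without touching the NAFs.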