Yes, SDOs are increasingly using AAA for variety of network security and authorization management tasks and for the AAA server to act as a center of authority, such flexibility is needed.
Madjid -----Original Message----- From: Ray Bell [mailto:[EMAIL PROTECTED] Sent: Thursday, November 30, 2006 3:47 PM To: 'Madjid Nakhjiri'; 'Yoshihiro Ohba' Cc: [EMAIL PROTECTED]; [email protected] Subject: RE: [Emu] RE: [Hokeyp] USRK issue <snip> Madjid>>I don't think cryptographic dependency necessarily translates into life time dependency, especially if the authorization entity (AAA server) is possibly different from the entity generating the key (EAP server). Yes, if you need to rekey using a root key and the root key is now updated, you should use the updated key, but I think that can be worked into the AAA server-EAP server API. I am using this terminology, since we know EMSK is not exported from EAP layer. Ray >> SDO policy information models support this type of authorization policy modeling, distribution and enforcement. _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list [email protected] https://www1.ietf.org/mailman/listinfo/emu
