On May 7, 2021, at 5:18 PM, Joseph Salowey <j...@salowey.net> wrote:
> [Joe] I think the one issue that was raised during TLS review was that using 
> the same label for MSK and EMSK could make it more difficult to separate out 
> the derivations of these keys at the TLS level.  For example, 
> perhaps the TLS implementation could restrict access to the MSK and EMSK 
> independently depending upon the caller.

  I'll have to think about that a little more before I understand the 
underlying objection.

  From what I can see, MSK and EMSK are specific to EAP-TLS.  They are derived 
in the EAP-TLS application, by passing EAP-TLS parameters to TLS key exporters.

  So the TLS layer has no concept of what MSK or EMSK are.  As a result, the 
TLS layer should have minimal input into what those keys are, or how they are 
derived.

  Alan DeKok.

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
