I think I agree with what Alper is saying below. It is obviously important to have separate keys for PANA itself and the per-packet protection (such as for IPsec). But given the definition of the keys used for PANA in the RFC, I think it is possible to have other MSK-derived keys for IPsec.

Jari

Alper Yegin wrote:
As for draft-ohba-pana-pemk-02, it specifies (as does 5191) the use of the MSK which is a _really_ bad idea IMHO -- the EMSK should really be used instead.

Why so?

Secure association protocols have been using MSK-driven keys.
And it makes sense, as MSK is what NAS knows (not EMSK).
I have no idea what value using EMSK has, but the obvious cost is to impact
the AAA deployment between the NAS and AAA servers. Today AAA protocols
deliver MSK, not EMSK or any of its children.

Alper







_______________________________________________
Pana mailing list
Pana@ietf.org
https://www.ietf.org/mailman/listinfo/pana
