I have reviewed this document with the idea of taking this on as an AD
sponsored submission for Proposed Standard. I only had one minor
editorial issue with it:
o EPID is the identifier of the EP. The first two octets represents
the AddressType, which contains an Address Family defined in
[IANAADFAM <http://tools.ietf.org/html/draft-ohba-pana-pemk-03#ref-IANAADFAM>].
Is there a better reference for this than the IANA web page? An RFC
perhaps? If you find a better reference please issue a new draft version.
Also, there's a bigger potential issue around the EMSK vs. MSK usage
that we have already discussed earlier this year. In my own analysis I
think the draft is doing the right thing -- MSK is already delivered to
the PANA agent and already derived in one way to secure PANA itself. I
see no problem in using it for the second time to derive a related key.
However, I have asked the security ADs for advice on this issue, and
maybe I'll be surprised on what they say. Stay tuned.
Jari
_______________________________________________
Pana mailing list
Pana@ietf.org
https://www.ietf.org/mailman/listinfo/pana
