
Crypto-agility requirements: Forward Secrecy concern (from Issue 303)



Forward secrecy:

Sometimes RADIUS is used to deliver keys (like EAP MSK) that will be
used (perhaps indirectly via additional key derivation steps) to
encrypt information that may be valuable for a long time. Given this,
the document needs some discussion about "forward secrecy" (whether
revealing the long-term credential allows decrypting all past
communications), and if the conclusion is that crypto-agility
solutions don't need to support forward secrecy (even as an
optional-to-use feature), explain the rationale behind this
conclusion.
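
The distinction raised above, as an added example that is not part of the original message or of any RADIUS specification: a delivered key wrapped only under the long-term shared secret, next to one whose wrapping key also depends on a discarded one-time Diffie-Hellman exchange. The function names, the HMAC-based toy keystream, the demo-size modulus and all sample values are assumptions made for illustration, not RADIUS attribute formats.

```python
import hashlib, hmac, secrets

P = 2**255 - 19  # demo-size prime modulus (assumption; far too small for real DH)
G = 2

def keystream(key: bytes, label: bytes, n: int) -> bytes:
    """Toy KDF: HMAC-SHA256 in counter mode, expanded to n bytes."""
    blocks = (hmac.new(key, label + bytes([i]), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap_static(secret: bytes, nonce: bytes, data: bytes) -> bytes:
    """Key transport keyed only by the long-term secret and a public nonce."""
    return xor(data, keystream(secret, b"static" + nonce, len(data)))

def wrap_ephemeral(secret: bytes, priv: int, peer_pub: int, data: bytes) -> bytes:
    """Wrapping key also depends on a one-time DH result z."""
    z = pow(peer_pub, priv, P).to_bytes(32, "big")
    return xor(data, keystream(secret + z, b"ephemeral", len(data)))

def demo():
    secret = b"constructed-long-term-secret"  # constructed sample value
    msk = secrets.token_bytes(64)              # stands in for a delivered EAP MSK
    nonce = secrets.token_bytes(16)
    ct_static = wrap_static(secret, nonce, msk)

    a = secrets.randbelow(P - 3) + 2           # sender's one-time exponent
    b = secrets.randbelow(P - 3) + 2           # receiver's one-time exponent
    a_pub, b_pub = pow(G, a, P), pow(G, b, P)
    ct_eph = wrap_ephemeral(secret, a, b_pub, msk)
    receiver_ok = wrap_ephemeral(secret, b, a_pub, ct_eph) == msk
    del a, b                                   # exponents discarded after the exchange

    # Later the long-term secret is revealed to a party that recorded both
    # exchanges: nonce, ct_static, a_pub, b_pub and ct_eph were all on the wire.
    static_exposed = wrap_static(secret, nonce, ct_static) == msk
    # z needs a or b; with a properly sized group the public values do not
    # yield it, so the secret plus recorded traffic is not the wrapping key.
    no_z = xor(ct_eph, keystream(secret + a_pub.to_bytes(32, "big"), b"ephemeral", 64))
    eph_exposed = no_z == msk
    return receiver_ok, static_exposed, eph_exposed

if __name__ == "__main__":
    print(demo())
```
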