[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reminder: automated key management is often required for new protocols

To: Alan DeKok <aland@deployingradius.com>, Bernard Aboba <bernard_aboba@hotmail.com>
Subject: Re: Reminder: automated key management is often required for new protocols
From: Glen Zorn <glen_zorn@yahoo.com>
Date: Wed, 22 Aug 2007 09:01:46 -0700 (PDT)
Cc: dnelson@elbrysnetworks.com, radiusext@ops.ietf.org
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=WyEQuSW0RLEq6J7pjjjz8G1BoiDHQZbrCd31ufV5xzeARP2epWxz+wQwX8Pe4OX17q2qhsjgh0yRZAWo1rqBvnpdZ+cwDB6jkQFo2B7u7a1cX+sdR7W/2TY8I/TgZW4eWRMFFjQ1waBxjqC1s8QE0SC5lmVo+xBwLwY/LBaYujA=;
In-reply-to: <46CBCECB.8090306@deployingradius.com>

Alan DeKok <aland@deployingradius.com> wrote:

Bernard Aboba wrote:
> I think you mean "distribution of long-term credentials" here. In
> (D)TLS the session keys are are fresh for each session (via the use of
> client.random and server.random).

Sure. RFC 4107 calls them "long term session keys", but they're long
term credentials in the context of RADIUS.

gwz> What 4107 _really calls them is "long-term keys" (see section 2, paragraph

gwz> 2) but whatever...

...

Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us.

References:
- Re: Reminder: automated key management is often required for new protocols
  - From: Alan DeKok <aland@deployingradius.com>

Prev by Date: Re: Reminder: automated key management is often required for new protocols
Next by Date: Re: Request for Review: "Issues and Fixes" changes
Previous by thread: Re: Reminder: automated key management is often required for new protocols
Next by thread: Re: Reminder: automated key management is often required for new protocols
Index(es):
- Date
- Thread