> You could only end up with the same rMSK being used for multiple NASs
> if the sequence number the peer used during re-auth was the same. So if
> that is deemed a problem then mandate that the sequence number be a
> monotonically increasing counter which is initialized to 1 when the peer
> finishes initial and full EAP authentication and not when a new rRK is
> derived. No need for any domain differentiation at any level, just a
> simple edit of half a sentence in the ERX document.
>
> If this is the only problem that is solved by having this key hierarchy
> then let's do the simple edit I propose and get rid of the key hierarchy!
> Agreed?

My understanding is that this scheme is in use today, requiring only the MSK, and no changes to the AAA server or new RADIUS attributes. Only changes to the peer, authenticator and local server are needed.

As I understand it, the AAA server only sees Access-Requests originating from the "local server" (e.g. NAS-Identifier = local server), so it just responds with the MSK. However, the peer and authenticator do need to be modified to negotiate the scheme prior to first use, since the rMSK is now a function of the MSK and the counter, so as to ensure that no authenticators share the same keying material.
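The counter rule discussed in this thread, as an added illustration that is not code from the thread or from any ERX implementation: the KDF (HMAC-SHA256 over a label and a 16-bit sequence number), the sample MSK and the NAS names are assumptions made for the example. It derives rMSK from the MSK and the re-auth counter, resets the counter only at full EAP authentication, and checks whether two authenticators ever received the same rMSK.

```python
import hmac
import hashlib

def derive_rmsk(msk, seq):
    """rMSK as a function of the MSK and the re-auth sequence number.
    The HMAC-SHA256 construction and label are assumed for illustration."""
    return hmac.new(msk, b"rMSK" + seq.to_bytes(2, "big"), hashlib.sha256).digest()

class Peer:
    """Holds the MSK and the re-auth counter on the peer side."""
    def __init__(self, msk):
        self.full_auth(msk)

    def full_auth(self, msk):
        # The counter is initialised to 1 here, after full EAP authentication,
        # and nowhere else; that is the "half a sentence" edit proposed above.
        self.msk = msk
        self.seq = 1

    def reauth(self):
        """Hand out (seq, rMSK) for the authenticator being visited, then advance."""
        if self.seq > 0xFFFF:
            # A 16-bit counter that wraps would repeat rMSKs; force a full EAP run instead.
            raise RuntimeError("re-auth counter exhausted; full EAP authentication required")
        seq = self.seq
        self.seq += 1
        return seq, derive_rmsk(self.msk, seq)

def simulate(nas_ids, reset_each_time=False):
    """Visit each NAS once via re-auth and record the rMSK each one received.
    reset_each_time models a counter that is re-initialised on some per-key
    event rather than only at full authentication (the case the thread warns about)."""
    peer = Peer(b"\x11" * 64)          # constructed sample MSK
    handouts = {}
    for nas in nas_ids:
        if reset_each_time:
            peer.seq = 1
        _, rmsk = peer.reauth()
        handouts[nas] = rmsk
    return handouts

def duplicated_rmsks(handouts):
    """Return the set of rMSK values that more than one authenticator holds."""
    owners = {}
    for nas, rmsk in handouts.items():
        owners.setdefault(rmsk, []).append(nas)
    return {rmsk for rmsk, nases in owners.items() if len(nases) > 1}
```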