Specification for the Derivation of Root Keys from an Extended Master Session Key
RFC 5295, “Specification for the Derivation of Root Keys from an Extended Master Session Key”, is a Proposed Standard document published in August 2008 by J. Salowey, L. Dondeti, V. Narayanan, M. Nakhjiri. The canonical text is published by the RFC Editor.
Abstract
The Extensible Authentication Protocol (EAP) defined the Extended Master Session Key (EMSK) generation, but reserved it for unspecified future uses. This memo reserves the EMSK for the sole purpose of deriving root keys. Root keys are master keys that can be used for multiple purposes, identified by usage definitions. This document also specifies a mechanism for avoiding conflicts between root keys by deriving them in a manner that guarantees cryptographic separation. Finally, this document also defines one such root key usage: Domain-Specific Root Keys are root keys made available to and used within specific key management domains. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 5295 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 5294 Host Threats to Protocol Independent Multicast
- RFC 5296 EAP Extensions for EAP Re-authentication Protocol
- RFC 5293 Sieve Email Filtering: Editheader Extension
- RFC 5297 Synthetic Initialization Vector Authenticated Encryption Using the Advanced Encryption Standard
- RFC 5292 Address-Prefix-Based Outbound Route Filter for BGP-4
- RFC 5298 Analysis of Inter-Domain Label Switched Path Recovery
- RFC 5291 Outbound Route Filtering Capability for BGP-4
- RFC 5290 Comments on the Usefulness of Simple Best-Effort Traffic