[abfab] I-D Action: draft-linus-abfab-ephemeral-keying-00.txt
Linus Nordberg <linus@nordberg.se> Mon, 17 February 2014 22:12 UTC
From: Linus Nordberg <linus@nordberg.se>
To: abfab@ietf.org
Date: Mon, 17 Feb 2014 22:11:59 +0000
Message-ID: <87k3ctqths.fsf@nordberg.se>
Archived-At: http://mailarchive.ietf.org/arch/msg/abfab/fpQBNrEjzp4hLcgAPoaIop8vd1s
Subject: [abfab] I-D Action: draft-linus-abfab-ephemeral-keying-00.txt
Hi, This is a somewhat incomplete draft of how the client <--> RP traffic could be protected. Comments highly appreciated. Hoping to be able to have some discussions about this in London.
--- Begin Message ---
A New Internet-Draft is available from the on-line Internet-Drafts directories.

        Title    : Ephemeral keying for ABFAB
        Authors  : Linus Nordberg
                   Josh Howlett
        Filename : draft-linus-abfab-ephemeral-keying-00.txt
        Pages    : 13
        Date     : 2014-02-14

Abstract:
   This document describes how EAP-GSS provides forward secrecy by
   encrypting each session in an ephemeral key generated in the initial
   state of the context establishment. This Diffie-Hellman key is
   shared by the initiator (EAP peer) and acceptor (EAP authenticator).

   The goal is to stop a passive attacker with access to the traffic
   between an ABFAB user and the service she uses (Relying Party), from
   getting access to key material and information linkable to the user
   or from being able to fingerprint the user.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-linus-abfab-ephemeral-keying/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-linus-abfab-ephemeral-keying-00

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
--- End Message ---