Re: [btns] Protocol Action: 'IPsec Channels: Connection Latching' to Proposed Standard
"Laganier, Julien" <julienl@qualcomm.com> Mon, 17 August 2009 18:27 UTC
From: "Laganier, Julien" <julienl@qualcomm.com>
To: btns mailing list <btns@ietf.org>
Date: Mon, 17 Aug 2009 11:27:35 -0700

Thanks to everybody who helped make this happen!

--julien

> -----Original Message-----
>
> The IESG has approved the following document:
>
> - 'IPsec Channels: Connection Latching '
>   <draft-ietf-btns-connection-latching-11.txt> as a Proposed Standard
>
> This document is the product of the Better-Than-Nothing Security
> Working Group.
>
> The IESG contact persons are Tim Polk and Pasi Eronen.
>
> A URL of this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-btns-connection-latching-11.txt
>
> Technical Summary
>
> This document specifies, abstractly, how to interface applications
> and transport protocols with IPsec so as to create "channels" by
> latching "connections" (packet flows) to certain IPsec Security
> Association (SA) parameters for the lifetime of the connections.
> Connection latching is layered on top of IPsec and does not modify
> the underlying IPsec architecture.
>
> Connection latching can be used to protect applications against
> accidentally exposing live packet flows to unintended peers, whether
> as the result of a reconfiguration of IPsec or as the result of using
> weak peer identity to peer address associations. Weak association of
> peer ID and peer addresses is at the core of Better Than Nothing
> Security (BTNS), thus connection latching can add a significant
> measure of protection to BTNS IPsec nodes.
>
> Finally, the availability of IPsec channels will make it possible to
> use channel binding to IPsec channels.
>
> Working Group Summary
>
> This document is a product of the Better Than Nothing Security (BTNS)
> working group.
>
> Document Quality
>
> A version of Connection Latching is implemented in OpenSolaris. The
> document has been reviewed by Daniel McDonald who worked on the
> Connection Latching implementation in OpenSolaris.
>
> Personnel
>
> The Document Shepherd for this document is Julien Laganier (BTNS
> WG co-chair). The Responsible Area Director is Tim Polk (Security
> Area Director).
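
A simplified model of the latching idea in the quoted Technical Summary, as an added example that is not part of the original message and is not the draft's specification. The class names, the choice of latched parameters (peer ID and protection suite) and the sample flow are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class SA:
    """Simplified view of the SA parameters a connection is latched to."""
    peer_id: str      # authenticated peer identity (assumed: a key fingerprint)
    protection: str   # protection suite negotiated for the SA

@dataclass(frozen=True)
class Packet:
    flow: tuple            # (local addr, local port, remote addr, remote port, proto)
    sa: Optional[SA]       # SA that protected the packet; None = unprotected

class LatchTable:
    """Binds each packet flow to the SA parameters seen when it was set up."""
    def __init__(self):
        self._latches = {}

    def accept(self, pkt: Packet) -> bool:
        if pkt.sa is None:
            return False                      # this model never accepts cleartext
        latched = self._latches.get(pkt.flow)
        if latched is None:
            self._latches[pkt.flow] = pkt.sa  # first packet creates the latch
            return True
        # Compare parameters, not the SA object, so a rekey by the same peer passes.
        return pkt.sa == latched

    def close(self, flow: tuple) -> None:
        self._latches.pop(flow, None)         # latch lives only as long as the connection

def demo():
    # Constructed sample data using documentation addresses.
    flow = ("192.0.2.1", 443, "192.0.2.10", 50000, "tcp")
    peer = SA("key:aaaa", "ESP-AES-GCM")
    rekeyed = SA("key:aaaa", "ESP-AES-GCM")     # new SA, same peer and suite
    other_peer = SA("key:bbbb", "ESP-AES-GCM")  # different identity, same address
    table = LatchTable()
    results = [
        table.accept(Packet(flow, peer)),        # establishes the latch
        table.accept(Packet(flow, rekeyed)),     # same parameters after rekey
        table.accept(Packet(flow, other_peer)),  # address reused by another peer ID
        table.accept(Packet(flow, None)),        # unprotected packet on latched flow
    ]
    table.close(flow)
    results.append(table.accept(Packet(flow, other_peer)))  # new connection, new latch
    return results
```

The third case is the one the summary highlights: with weak peer ID to address association, a second peer can appear at the same address, and the latch keeps its packets out of the live flow.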