Re: [btns] RFC 5660 on IPsec Channels: Connection Latching
"Laganier, Julien" <julienl@qualcomm.com> Wed, 28 October 2009 20:41 UTC
From: "Laganier, Julien" <julienl@qualcomm.com>
To: "Nicolas.Williams@sun.com" <Nicolas.Williams@sun.com>
Date: Wed, 28 Oct 2009 13:41:27 -0700
Cc: "btns@ietf.org" <btns@ietf.org>

Congratulations Nico! And thanks to those that made this possible.

--julien

> -----Original Message-----
> From: btns-bounces@ietf.org [mailto:btns-bounces@ietf.org] On Behalf Of
> rfc-editor@rfc-editor.org
> Sent: Wednesday, October 28, 2009 12:19 PM
> To: ietf-announce@ietf.org; rfc-dist@rfc-editor.org
> Cc: btns@ietf.org; rfc-editor@rfc-editor.org
> Subject: [btns] RFC 5660 on IPsec Channels: Connection Latching
>
>
> A new Request for Comments is now available in online RFC libraries.
>
>
>         RFC 5660
>
>         Title:      IPsec Channels: Connection Latching
>         Author:     N. Williams
>         Status:     Standards Track
>         Date:       October 2009
>         Mailbox:    Nicolas.Williams@sun.com
>         Pages:      31
>         Characters: 74209
>         Updates/Obsoletes/SeeAlso:   None
>
>         I-D Tag:    draft-ietf-btns-connection-latching-11.txt
>
>         URL:        http://www.rfc-editor.org/rfc/rfc5660.txt
>
> This document specifies, abstractly, how to interface applications
> and transport protocols with IPsec so as to create "channels" by
> latching "connections" (packet flows) to certain IPsec Security
> Association (SA) parameters for the lifetime of the connections.
> Connection latching is layered on top of IPsec and does not modify
> the underlying IPsec architecture.
>
> Connection latching can be used to protect applications against
> accidentally exposing live packet flows to unintended peers, whether
> as the result of a reconfiguration of IPsec or as the result of using
> weak peer identity to peer address associations. Weak association of
> peer ID and peer addresses is at the core of Better Than Nothing
> Security (BTNS); thus, connection latching can add a significant
> measure of protection to BTNS IPsec nodes.
>
> Finally, the availability of IPsec channels will make it possible to
> use channel binding to IPsec channels. [STANDARDS TRACK]
>
> This document is a product of the Better-Than-Nothing Security Working
> Group of the IETF.
>
> This is now a Proposed Standard Protocol.
>
> STANDARDS TRACK: This document specifies an Internet standards track
> protocol for the Internet community, and requests discussion and
> suggestions for improvements. Please refer to the current edition of
> the Internet Official Protocol Standards (STD 1) for the
> standardization state and status of this protocol. Distribution of
> this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>   http://www.ietf.org/mailman/listinfo/ietf-announce
>   http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see
> http://www.rfc-editor.org/rfcsearch.html.
> For downloading RFCs, see http://www.rfc-editor.org/rfc.html.
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> USC/Information Sciences Institute
>
>
> _______________________________________________
> btns mailing list
> btns@ietf.org
> https://www.ietf.org/mailman/listinfo/btns