[Emu] Last Call: <draft-ietf-emu-aka-pfs-12.txt> (Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS)) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Wed, 21 February 2024 14:24 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Auto-Submitted: auto-generated
Precedence: bulk
CC: draft-ietf-emu-aka-pfs@ietf.org, emu-chairs@ietf.org, emu@ietf.org, paul.wouters@aiven.io, peter@akayla.com
Reply-To: last-call@ietf.org
Sender: iesg-secretary@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <170852546278.53663.4610301020037008643@ietfa.amsl.com>
Date: Wed, 21 Feb 2024 06:24:22 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/CXTNO6Hnvm95pQlHMsqS-7mkNZ4>
Subject: [Emu] Last Call: <draft-ietf-emu-aka-pfs-12.txt> (Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS)) to Proposed Standard

The IESG has received a request from the EAP Method Update WG (emu) to
consider the following document: - 'Forward Secrecy for the Extensible
Authentication Protocol Method for
   Authentication and Key Agreement (EAP-AKA' FS)'
  <draft-ietf-emu-aka-pfs-12.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2024-03-06. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   This document updates RFC 9048, the improved Extensible
   Authentication Protocol Method for 3GPP Mobile Network Authentication
   and Key Agreement (EAP-AKA'), with an optional extension providing
   ephemeral key exchange.  Similarly, this document also updates the
   earlier version of the EAP-AKA' specification in RFC 5448.  The
   extension EAP-AKA' Forward Secrecy (EAP-AKA' FS), when negotiated,
   provides forward secrecy for the session keys generated as a part of
   the authentication run in EAP-AKA'.  This prevents an attacker who
   has gained access to the long-term key from obtaining session keys
   established in the past, assuming these have been properly deleted.
   In addition, EAP-AKA' FS mitigates passive attacks (e.g., large scale
   pervasive monitoring) against future sessions.  This forces attackers
   to use active attacks instead.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/


The following IPR Declarations may be related to this I-D:

   https://datatracker.ietf.org/ipr/3097/
   https://datatracker.ietf.org/ipr/3098/



The document contains these normative downward references.
See RFC 3967 for additional information: 
    rfc4187: Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA) (Informational - Internet Engineering Task Force (IETF))
    rfc5448: Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA') (Informational - Internet Engineering Task Force (IETF))
    rfc7624: Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement (Informational - Internet Architecture Board (IAB))
    rfc9048: Improved Extensible Authentication Protocol Method for 3GPP Mobile Network Authentication and Key Agreement (EAP-AKA') (Informational - Internet Engineering Task Force (IETF))

[Emu] Last Call: <draft-ietf-emu-aka-pfs-12.txt> … The IESG