[Hipsec-rg] Fwd: New Version Notification for draft-heer-hip-middle-auth-02

heer at cs.rwth-aachen.de (Tobias Heer) Fri, 27 February 2009 16:35 UTC

From: "heer at cs.rwth-aachen.de"
Date: Fri, 27 Feb 2009 17:35:06 +0100
Subject: [Hipsec-rg] Fwd: New Version Notification for draft-heer-hip-middle-auth-02
References: <20090227121849.D72313A6979@core3.amsl.com>
Message-ID: <01EF6C3E-84AB-433A-83BF-9C801920D5B1@cs.rwth-aachen.de>

Hi folks,

There is a new version of the middle auth draft. For details see the  
change log below:

Changes since version 01:

* Most important: Condensed puzzle and nonce into one parameter. This  
simplifies handling at the middleboxes since these don't need to  
reorder parameters any more. It also makes the draft less complicated.

* Updated references to match last standardization progress of HIP  
drafts

* Removed ambiguity in Protocol Overview (Section 2.1)

* Removed 32-byte guideline and added more general text in Section 2.1.1

* Added reference to RFC2460 for IPv6 1280 byte packet limit in  
Section 2.1.1

* Fixed wrong figure numbers.

* Fixed some ambiguities in section 2.2

* Removed redundant text - The document is much leaner now.


Changes since version 00:

* New section about security and bindings between HIP and ESP traffic

* Rewrite and extension of the discussion of the security properties.

* Minor fixes for alignment with the base documents (packet sizes)


Abstract:
The Host Identity Protocol [RFC2119] is a signaling protocol for
secure communication, mobility, and multihoming by introducing a
cryptographic namespace.  This document specifies an extension for
HIP that enables middleboxes to unambiguously verify the identities
of hosts that communicate across them.  This extension enables
middleboxes to verify the liveness and freshness of a HIP association
and, thus, enables reliable and secure access control in middleboxes.

Comments are very much appreciated.

The draft can be found here:
http://www.ietf.org/internet-drafts/draft-heer-hip-middle-auth-02.txt

BR,

Tobias

Begin forwarded message:

> From: IETF I-D Submission Tool <idsubmission at ietf.org>
> Date: 27 February 2009 13:18:49 CET
> To: heer at cs.rwth-aachen.de
> Cc: wehrle at cs.rwth-aachen.de, miika at iki.fi
> Subject: New Version Notification for draft-heer-hip-middle-auth-02
>
>
> A new version of I-D, draft-heer-hip-middle-auth-02.txt has been  
> successfully submitted by Tobias Heer and posted to the IETF
> repository.
>
> Filename:	 draft-heer-hip-middle-auth
> Revision:	 02
> Title:		 End-Host Authentication for HIP Middleboxes
> Creation_date:	 2009-02-28
> WG ID:		 Independent Submission
> Number_of_pages: 20
>
> Abstract:
> The Host Identity Protocol [RFC5201] is a signaling protocol for
> secure communication, mobility, and multihoming that introduces a
> cryptographic namespace.  This document specifies an extension for
> HIP that enables middleboxes to unambiguously verify the identities
> of hosts that communicate across them.  This extension allows
> middleboxes to verify the liveness and freshness of a HIP association
> and, thus, to secure access control in middleboxes.
>
>
>
> The IETF Secretariat.
>
>




-- 
Dipl.-Inform. Tobias Heer, Ph.D. Student
Distributed Systems Group
RWTH Aachen University, Germany
tel: +49 241 80 207 76
web: http://ds.cs.rwth-aachen.de/members/heer