[Hipsec] Fwd: New Version Notification for draft-ietf-hip-rfc5201-bis-04
Tobias Heer <heer@cs.rwth-aachen.de> Thu, 20 January 2011 20:53 UTC
Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9D7F23A6824 for <hipsec@core3.amsl.com>; Thu, 20 Jan 2011 12:53:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.801
X-Spam-Level:
X-Spam-Status: No, score=-4.801 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0S2EIcD8Xf0m for <hipsec@core3.amsl.com>; Thu, 20 Jan 2011 12:53:52 -0800 (PST)
Received: from mta-1.ms.rz.rwth-aachen.de (mta-1.ms.rz.RWTH-Aachen.DE [134.130.7.72]) by core3.amsl.com (Postfix) with ESMTP id 67E473A681A for <hipsec@ietf.org>; Thu, 20 Jan 2011 12:53:52 -0800 (PST)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from ironport-out-1.rz.rwth-aachen.de ([134.130.5.40]) by mta-1.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0LFC00FTPA6BYPH0@mta-1.ms.rz.RWTH-Aachen.de> for hipsec@ietf.org; Thu, 20 Jan 2011 21:56:35 +0100 (CET)
X-IronPort-AV: E=Sophos;i="4.60,353,1291590000"; d="scan'208";a="89530389"
Received: from relay-auth-2.ms.rz.rwth-aachen.de (HELO relay-auth-2) ([134.130.7.79]) by ironport-in-1.rz.rwth-aachen.de with ESMTP; Thu, 20 Jan 2011 21:56:36 +0100
Received: from [192.168.3.3] ([unknown] [91.179.203.58]) by relay-auth-2.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0LFC000GCA6B6980@relay-auth-2.ms.rz.rwth-aachen.de> for hipsec@ietf.org; Thu, 20 Jan 2011 21:56:35 +0100 (CET)
From: Tobias Heer <heer@cs.rwth-aachen.de>
Date: Thu, 20 Jan 2011 21:56:37 +0100
References: <20110120205032.AB7A23A6824@core3.amsl.com>
To: HIP <hipsec@ietf.org>
Message-id: <E907FD01-6C29-4CF5-B07F-BA6601541254@cs.rwth-aachen.de>
X-Mailer: Apple Mail (2.1082)
Subject: [Hipsec] Fwd: New Version Notification for draft-ietf-hip-rfc5201-bis-04
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jan 2011 20:53:53 -0000
Hello, I just submitted a new version of RFC5201-bis. http://www.ietf.org/id/draft-ietf-hip-rfc5201-bis-04.txt Here is the changelog from version 03: 8.1. Changes from draft-ietf-hip-rfc5201-bis-03 o Editorial changes to improve clarity and readability. o Removed obsoleted (not applicable) attack from security consideration section. o Added a requirement that hosts MUST support processing of ACK parameters with several SEQ numbers even when they do not support sending such parameters. o Removed note on memory bound puzzles. The use of memory bound puzzles was reconsidered but no convincing arguments for inclusion in this document have been made on the list. o Changed references to reference the new bis documents. o Specified the ECC curves and the hashes used for these. o Specified representation of ECC curves in the HI. o Added text on the dependency between RHASH and HMAC. o Rephrased part of the security considerations to make them clearer. o Clarified the use of HITs in opportunistic mode. o Clarified the difference between HIP_MAC and HIP_MAC_2 as well as between SIGNATURE and SIGNATURE_2. o Changed NOTIFY name for value 44 from SERVER_BUSY_PLEASE_RETRY to RESPONDER_BUSY_PLEASE_RETRY. o Mentioned that there are multiple valid puzzle solutions. Feel free to provide reviews, comments and suggestions. Tobias Anfang der weitergeleiteten E-Mail: > Von: IETF I-D Submission Tool <idsubmission@ietf.org> > Datum: 20. Januar 2011 21:50:32 MEZ > An: heer@cs.rwth-aachen.de > Kopie: thomas.r.henderson@boeing.com, petri.jokela@nomadiclab.com, robert.moskowitz@icsalabs.com > Betreff: New Version Notification for draft-ietf-hip-rfc5201-bis-04 > > > A new version of I-D, draft-ietf-hip-rfc5201-bis-04.txt has been successfully submitted by Tobias Heer and posted to the IETF repository. > > Filename: draft-ietf-hip-rfc5201-bis > Revision: 04 > Title: Host Identity Protocol > Creation_date: 2011-01-20 > WG ID: hip > Number_of_pages: 119 > > Abstract: > This document specifies the details of the Host Identity Protocol > (HIP). HIP allows consenting hosts to securely establish and > maintain shared IP-layer state, allowing separation of the identifier > and locator roles of IP addresses, thereby enabling continuity of > communications across IP address changes. HIP is based on a SIGMA- > compliant Diffie-Hellman key exchange, using public key identifiers > from a new Host Identity namespace for mutual peer authentication. > The protocol is designed to be resistant to denial-of-service (DoS) > and man-in-the-middle (MitM) attacks. When used together with > another suitable security protocol, such as the Encapsulated Security > Payload (ESP), it provides integrity protection and optional > encryption for upper-layer protocols, such as TCP and UDP. > > This document obsoletes RFC 5201 and addresses the concerns raised by > the IESG, particularly that of crypto agility. It also incorporates > lessons learned from the implementations of RFC 5201. > > > > The IETF Secretariat. > >