Re: [HOKEY] Key Management Issues

Yoshihiro Ohba <yohba@tari.toshiba.com> Tue, 18 March 2008 01:23 UTC

Date: Mon, 17 Mar 2008 21:16:10 -0400
From: Yoshihiro Ohba <yohba@tari.toshiba.com>
To: Charles Clancy <clancy@cs.umd.edu>

Since the "ERX fraud issue" raised by Bernard still remains unresolved
(at least I am not convinced at all), I have a reservation on removing
KDE1 and KDE4 from the KDE exchange.  KDE1 and KDE4 provide peer consent
for DSRK key distribution, which addresses the ERX fraud issue.

Yoshihiro Ohba


On Mon, Mar 17, 2008 at 08:03:21PM -0400, Charles Clancy wrote:
> All,
> 
> During IETF 71, there was relatively strong room consensus for the 
> following changes to the key management document:
> 
> - Remove ALL encryption from existing key-mgm document; elimination
>    of KDE0, KDE1, and KDE4
> - Lay out security requirements for hop-by-hop security, apply to
>    all transports
> - Define RADIUS attribute for key request and transport to meet
>    HOKEY needs
> 
> First, for anyone who did not register an opinion during the meeting, 
> here's your chance.
> 
> Secondly, we need to figure out how to evolve the document to meet these 
> requirements.  I suggest the authors of draft-ietf-hokey-key-mgm-03 and 
> draft-gaonkar-radext-erp-attrs-03 work together to merge their two 
> documents, and create draft-ietf-hokey-key-mgm-04.  Parts of 
> draft-gaonkar-radext-erp-attrs-03 that are specific to ERX should remain 
> in place (i.e. text updating RFC 3579) for a v04 of that document.
> 
> I've created the following issues to track these changes:
> 
> KM: AAA security
> http://www.ltsnet.net:8080/hokey/issue40
> 
> KM: AAA transport
> http://www.ltsnet.net:8080/hokey/issue41
> 
> KM: transport security requirements
> http://www.ltsnet.net:8080/hokey/issue42
> 
> -- 
> t. charles clancy, ph.d.                 eng.umd.edu/~tcc
> electrical & computer engineering, university of maryland
> _______________________________________________
> HOKEY mailing list
> HOKEY@ietf.org
> https://www.ietf.org/mailman/listinfo/hokey
> 