[HOKEY] Key Management Issues
Charles Clancy <clancy@cs.umd.edu> Tue, 18 March 2008 00:05 UTC
Return-Path: <hokey-bounces@ietf.org>
X-Original-To: ietfarch-hokey-archive@core3.amsl.com
Delivered-To: ietfarch-hokey-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4FFC13A6EAE; Mon, 17 Mar 2008 17:05:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.107
X-Spam-Level:
X-Spam-Status: No, score=-100.107 tagged_above=-999 required=5 tests=[AWL=-0.270, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_21=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8AxA-JmXHi3E; Mon, 17 Mar 2008 17:05:43 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7BFF13A6BFE; Mon, 17 Mar 2008 17:05:43 -0700 (PDT)
X-Original-To: hokey@core3.amsl.com
Delivered-To: hokey@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9BC323A6BFE for <hokey@core3.amsl.com>; Mon, 17 Mar 2008 17:05:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5+Nu+8Wr9yzU for <hokey@core3.amsl.com>; Mon, 17 Mar 2008 17:05:41 -0700 (PDT)
Received: from bacon.cs.umd.edu (server-nat-2.cs.umd.edu [128.8.127.145]) by core3.amsl.com (Postfix) with ESMTP id BC4543A6A64 for <hokey@ietf.org>; Mon, 17 Mar 2008 17:05:40 -0700 (PDT)
Received: from [127.0.0.1] (pool-71-179-91-146.bltmmd.fios.verizon.net [71.179.91.146]) (authenticated bits=0) by bacon.cs.umd.edu (8.13.1/8.12.5) with ESMTP id m2I03K97027486 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <hokey@ietf.org>; Mon, 17 Mar 2008 20:03:20 -0400
Message-ID: <47DF06C9.1010601@cs.umd.edu>
Date: Mon, 17 Mar 2008 20:03:21 -0400
From: Charles Clancy <clancy@cs.umd.edu>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
MIME-Version: 1.0
To: hokey@ietf.org
X-CSD-MailScanner-Information: Please email staff@cs.umd.edu for more information
X-CSD-MailScanner: Found to be clean
X-CSD-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-4.399, required 5, autolearn=not spam, ALL_TRUSTED -1.80, BAYES_00 -2.60)
X-CSD-MailScanner-From: clancy@cs.umd.edu
Subject: [HOKEY] Key Management Issues
X-BeenThere: hokey@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HOKEY WG Mailing List <hokey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hokey>, <mailto:hokey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/hokey>
List-Post: <mailto:hokey@ietf.org>
List-Help: <mailto:hokey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hokey>, <mailto:hokey-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: hokey-bounces@ietf.org
Errors-To: hokey-bounces@ietf.org
All, During IETF 71, there was relatively strong room consensus for the following changes to the key management document: - Remove ALL encryption from existing key-mgm document; elimination of KDE0, KDE1, and KDE 4 - Lay out security requirements for hop-by-hop security, apply to all transports - Define RADIUS attribute for key request and transport to meet HOKEY needs First, for anyone who did not register an opinion during the meeting, here's your chance. Secondly, we need to figure out how to evolve the document to meet these requirements. I suggest the authors of draft-ietf-hokey-key-mgm-03 and draft-gaonkar-radext-erp-attrs-03 work together to merge their two documents, and create draft-ietf-hokey-key-mgm-04. Parts of draft-gaonkar-radext-erp-attrs-03 that are specific to ERX should remain in place (i.e. text updating RFC 3579) for a v04 of that document. I've created the following issues to track these changes: KM: AAA security http://www.ltsnet.net:8080/hokey/issue40 KM: AAA transport http://www.ltsnet.net:8080/hokey/issue41 KM: transport security requirements http://www.ltsnet.net:8080/hokey/issue42 -- t. charles clancy, ph.d. eng.umd.edu/~tcc electrical & computer engineering, university of maryland _______________________________________________ HOKEY mailing list HOKEY@ietf.org https://www.ietf.org/mailman/listinfo/hokey
- [HOKEY] Key Management Issues Charles Clancy
- Re: [HOKEY] Key Management Issues Yoshihiro Ohba
- Re: [HOKEY] Key Management Issues li.chunqiang