Document Action: 'Secure Password Framework for IKEv2' to Informational RFC (draft-kivinen-ipsecme-secure-password-framework-03.txt)
The IESG <iesg-secretary@ietf.org> Tue, 01 November 2011 13:20 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8123611E80C7 for <ietf-announce@ietfa.amsl.com>; Tue, 1 Nov 2011 06:20:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.535
X-Spam-Level:
X-Spam-Status: No, score=-102.535 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ayEMFAsp0wwN; Tue, 1 Nov 2011 06:20:53 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E9BB11E8117; Tue, 1 Nov 2011 06:20:52 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Document Action: 'Secure Password Framework for IKEv2' to Informational RFC (draft-kivinen-ipsecme-secure-password-framework-03.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 3.62
Message-ID: <20111101132052.3701.7511.idtracker@ietfa.amsl.com>
Date: Tue, 01 Nov 2011 06:20:52 -0700
Cc: RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2011 13:20:53 -0000
The IESG has approved the following document: - 'Secure Password Framework for IKEv2' (draft-kivinen-ipsecme-secure-password-framework-03.txt) as an Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Sean Turner. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-kivinen-ipsecme-secure-password-framework/ Technical Summary This document creates a generic way for Internet Key Exchange (IKEv2) to use any of the symmetric secure password authentication methods. There are multiple methods already specified in other documents and this document does not add new one. This document specifies a common way so those methods can agree on which method is to be used in current connection. This document also provides a common way to transmit secure password authentication method specific payloads between peers. Working Group Summary The IPsecME working group was chartered to provide Internet Key Exchange (IKEv2) a symmetric secure password authentication protocol that supports using of low-entropy shared secrets, but which is protected against off-line dictionary attacks without requiring the use of certificates or Extensible Authentication Protocol (EAP). There are multiple of such methods and working group was supposed to pick one. Unfortunately the working group failed to get pick one protocol and there are multiple candidates going forward as separate documents. As each of those documents used different method to negotiate the use of the method and also used different payload formats it is very hard to try to make implementation where multiple of those systems could co-exists. This document provides a common way for those secure password methods so they can easily co-exist. It should be noted that this draft was not universally loved. During IETF LC there were a few members of the IPSECME working that objected to this draft. That number is on par with the authors of the four drafts in question: this draft, draft-harkins-ipsecme-spsk-auth, draft-shin-augmented-pake, and draft-kuegler-ipsecme-pace-ikev2. This was curious because this draft garnered more interest than the three mechanism drafts. Document Quality This document does not specify any protocol that can be implemented as such, but provides common way for secure password methods to do things in IKEv2. There is already multiple secure password method documents using the common way specified in this document. Personnel Document Shepherd: Tero Kivinen Responsible Area Director: Sean Turner The IANA Expert for the registries in this document is Tero Kivinen.