BCP 107, RFC 4107 on Guidelines for Cryptographic Key Management

rfc-editor@rfc-editor.org Mon, 20 June 2005 19:53 UTC

A new Request for Comments is now available in online RFC libraries.

        BCP 107
        RFC 4107

        Title:      Guidelines for Cryptographic Key Management
        Author(s):  S. Bellovin, R. Housley
        Status:     Best Current Practice
        Date:       June 2005
        Mailbox:    bellovin@acm.org, housley@vigilsec.com
        Pages:      7
        Characters: 14752
        SeeAlso:    BCP 107

        I-D Tag:    draft-bellovin-mandate-keymgmt-03.txt

        URL:        ftp://ftp.rfc-editor.org/in-notes/rfc4107.txt

The question often arises of whether a given security system requires
some form of automated key management, or whether manual keying is
sufficient.  This memo provides guidelines for making such decisions.
When symmetric cryptographic mechanisms are used in a protocol, the
presumption is that automated key management is generally but not
always needed.  If manual keying is proposed, the burden of proving
that automated key management is not required falls to the proposer.

This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements.  Distribution of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body 
help: ways_to_get_rfcs.  For example:

        To: rfc-info@RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.

Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute


Below is the data which will enable a MIME compliant Mail Reader 
implementation to automatically retrieve the ASCII version
of the RFCs.