Protocol Action: 'Guidelines for Cryptographic Key Management' to BCP
The IESG <iesg-secretary@ietf.org> Thu, 24 February 2005 03:30 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1D3Naw-0004H3-MR@newodin.ietf.org>
Date: Mon, 21 Feb 2005 19:08:06 -0500
Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Guidelines for Cryptographic Key Management' to BCP

The IESG has approved the following document:

- 'Guidelines for Cryptographic Key Management'
   <draft-bellovin-mandate-keymgmt-03.txt> as a BCP

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Sam Hartman.

Technical Summary

The question often arises of whether or not a given security system requires some form of automated key management, or whether manual keying is sufficient. This memo proposes guidelines for making such decisions. The presumption is that when symmetric cryptographic mechanisms are used in a protocol, then automated key management is generally but not always needed. If manual keying is proposed, the burden of proving that automated key management is not required falls to the proposer.

Working Group Summary

While this specification is not the product of an IETF working group, it has been reviewed in the SAAG. There was significant support for publication in SAAG. Comments from the SAAG review have been incorporated into the specification.

Protocol Quality

This document has been reviewed by Sam Hartman for the IESG.

RFC Editor Note

In the abstract: s/proposes/provides/

old:
   keying is sufficient. This memo proposes guidelines for making such

new:
   keying is sufficient. This memo provides guidelines for making such

section 2:

old:
   In general, automated key management SHOULD be used to establish session keys. This is a very strong "SHOULD", meaning the justification is needed in the security considerations section of a proposal that makes use of manual key management.

new:
   In general, automated key management SHOULD be used to establish session keys. Justification is needed in the security considerations section of a proposal that makes use of manual key management.

Section 2.2: s/is/may be/

old:
   Manual key management is a reasonable approach in any of these situations:

new:
   Manual key management may be a reasonable approach in any of these situations:

IANA Note

No IANA actions are required by this document.