Re: [Int-area] CGA & SeND extensions discussion
"Jean-Michel Combes" <jeanmichel.combes@gmail.com> Tue, 21 November 2006 19:22 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GmbCd-0000sp-8B; Tue, 21 Nov 2006 14:22:43 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GmbCc-0000rS-1w for int-area@ietf.org; Tue, 21 Nov 2006 14:22:42 -0500
Received: from wr-out-0506.google.com ([64.233.184.239]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GmbCZ-0003It-Nd for int-area@ietf.org; Tue, 21 Nov 2006 14:22:42 -0500
Received: by wr-out-0506.google.com with SMTP id i22so661072wra for <int-area@ietf.org>; Tue, 21 Nov 2006 11:22:38 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=REhSH56SViY2/VYMU64Le49YFWUNuyPSnoiVnZkLMfSx9OhRVVEsgLYlHTdEl9LA1Xur3eW+YZVeLwGOdWyw5djz86J2JSROIVU8jnM64t+U2DaAC1MhprPa7o0Wp+rUg95oGEYEHybaNe3jtB5brhn2ZkLYs7r060zX79I3mT8=
Received: by 10.90.81.14 with SMTP id e14mr5813012agb.1164136956590; Tue, 21 Nov 2006 11:22:36 -0800 (PST)
Received: by 10.35.83.13 with HTTP; Tue, 21 Nov 2006 11:22:36 -0800 (PST)
Message-ID: <729b68be0611211122j17e4c3a7g8958247e28ad19ac@mail.gmail.com>
Date: Tue, 21 Nov 2006 20:22:36 +0100
From: Jean-Michel Combes <jeanmichel.combes@gmail.com>
To: marcelo bagnulo braun <marcelo@it.uc3m.es>
Subject: Re: [Int-area] CGA & SeND extensions discussion
In-Reply-To: <c21dd5dda8a5ba865571fdbd64c11c3b@it.uc3m.es>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <c21dd5dda8a5ba865571fdbd64c11c3b@it.uc3m.es>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 32b73d73e8047ed17386f9799119ce43
Cc: SEND WG <ietf-send@standards.ericsson.net>, cga-ext@ietf.org, INT Area <int-area@ietf.org>
X-BeenThere: int-area@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/int-area>
List-Post: <mailto:int-area@lists.ietf.org>
List-Help: <mailto:int-area-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=subscribe>
Errors-To: int-area-bounces@lists.ietf.org
Hi, comments below. 2006/11/20, marcelo bagnulo braun <marcelo@it.uc3m.es>: > Hi, > > As a follow-up from James Kempf presentation in the Internet Area > meeting in San Diego, we have created a mailing list to discuss > potential future work related to CGA and SeND extensions. The main goal > is to identify possible work items that the community is interested in > doing some work on. > > You can subscribe to the list through: > https://www1.ietf.org/mailman/listinfo/cga-ext I think the old SEND ML still works :) > > I include a list of extensions that have been proposed over the last > few years that could be possible candidates to work on, depending on > the interest expressed. Please note that this is rough list, so maybe > some of the items included may not be clearly within the scope of the > work and there may be other items that i have missed. > > - Proxy SeND. The idea here is to define SeND and CGA extensions so > that SeND can be used with Proxy ND. Reference: > draft-kempf-mobopts-ringsig-ndproxy-01.txt > - Define extensions to Multi-Key CGAs: The idea here is to allow the > possibility of including multiple public keys in a single CGA > Parameter Data Structure, so that multiple parties can claim address > ownership. Reference: J. Kempf, J. Wood, Z. Ramzan, C. Gentry, "IP > Address Authorization for Secure Address Proxying using Multi-key CGAs > and Ring Signatures", IWSEC'06. IMO, these 2 previous items are in fact in the same topic (i.e. the second one as solution for the first one), aren't they? > - Perform a threat analysis of the current dependency of CGAs with > SHA-1 and Update CGAs so that other hash functions can be used. (this > work is already been discussed in the Int area ml, but i guess it would > benefit from additional discussion in a specialized forum). Reference: > draft-bagnulo-multiple-hash-cga-01.txt > - Define CGA extensions to support other public key algorithms. this > would be a generic extension that would allow using other public key > schemes in CGAs. In particular, the extension for using Elliptic Curve > encryption have been suggested. Agree with you about the 2 previous points: that will allow flexibility to CGA. > - Usage of CGAs with IPSec. The goal here would be to use the key of > the CGA to create an IPSec SA. Possible IKEv2 extensions need to be > defined for this. Reference: draft-laganier-ike-ipv6-cga-01.txt I strongly support such an item. It would be useful, for example, when MIPv6-RO is secured with IPsec (i.e. draft-ietf-mip6-cn-ipsec-03.txt) but no infrastructure (e.g. PKI) is available. > - CGAs and DHCP. The goal here would be to analyze possible mechanisms > to allow to assign CGAs using DHCP and to produce a recommendation > about how this can be done. The actual DHCP extensions are to be > defined in the DHC wg. IKEv2 too: IMHO, it would be useful for IPv6 mobility bootstrapping. > - Define CGA extensions for including Link Layer information in the > CGA. Reference: draft-laganier-send-ll-hba-00.txt > - Define CGA extensions to include a certified MAC address > - Define CGA extensions to include symmetric keys. Reference: > draft-narayanan-pba-01.txt > > Other items? Do you plan to do a revision of the RFC 3971/3972 regarding potential feedbacks from implementors? Best regards. JMC. > > comments on the items above? > > Regards, marcelo > > > _______________________________________________ > Int-area mailing list > Int-area@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list Int-area@lists.ietf.org https://www1.ietf.org/mailman/listinfo/int-area
- [Int-area] CGA & SeND extensions discussion marcelo bagnulo braun
- Re: [Int-area] CGA & SeND extensions discussion Wassim Haddad
- Re: [Int-area] CGA & SeND extensions discussion Jean-Michel Combes
- RE: [Int-area] CGA & SeND extensions discussion Templin, Fred L
- Re: [CGA-EXT] RE: [Int-area] CGA & SeND extension… Alexandru Petrescu
- Re: [CGA-EXT] Re: [Int-area] CGA & SeND extension… James Kempf
- Re: [CGA-EXT] RE: [Int-area] CGA & SeND extension… Jean-Michel Combes
- CGAs and DHCP (was Re: [CGA-EXT] RE: [Int-area] C… marcelo bagnulo braun
- Re: [Int-area] CGA & SeND extensions discussion marcelo bagnulo braun
- Re: [Int-area] CGA & SeND extensions discussion Jean-Michel Combes