[IPsec] Fwd: RFC 6631 on Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2)
Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 18 June 2012 06:37 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A307911E808C for <ipsec@ietfa.amsl.com>; Sun, 17 Jun 2012 23:37:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.999
X-Spam-Level:
X-Spam-Status: No, score=-102.999 tagged_above=-999 required=5 tests=[AWL=0.600, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vUmgTAzxVCY6 for <ipsec@ietfa.amsl.com>; Sun, 17 Jun 2012 23:37:01 -0700 (PDT)
Received: from mail-bk0-f44.google.com (mail-bk0-f44.google.com [209.85.214.44]) by ietfa.amsl.com (Postfix) with ESMTP id AD22F21F850D for <ipsec@ietf.org>; Sun, 17 Jun 2012 23:37:00 -0700 (PDT)
Received: by bkty8 with SMTP id y8so4217201bkt.31 for <ipsec@ietf.org>; Sun, 17 Jun 2012 23:36:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-forwarded-message-id:content-type :content-transfer-encoding; bh=vzU2xkew2P2fHiLGAoLS/eksBzHekp3Volq9iHUkS1o=; b=pDSbgiKaTFdNYjVfg7thCvhncrAdCNFb0swPxuCZGSmgAuqh7T2nQdkEEs+1nR5nZy WSEIvTTB252cNrMBt0P2Jj65DWQum9OTxUROax8tj1Tk0nv3XEhDA/zixsx8Ta9Eqko9 GIdQnp0HuCfBd5dymwwLSSXsPD38B2a0IgsIuivLAPi1rLqp5pbHUgqM1/JIalRuxYMr hcEpTlJNdeFYUckn3zNBu6OlncXvKw6S0ltRSwmszu0HORTc1/KGzDmB79fkcYrHnU/S FA2kIgiiMxy5kj5rSpaZxlAjR3/R5coe5QEYgg3l3MK+AF5WveuMdi/M7bPyjyouvTQF ZSoQ==
Received: by 10.205.132.13 with SMTP id hs13mr6227360bkc.78.1340001419712; Sun, 17 Jun 2012 23:36:59 -0700 (PDT)
Received: from [10.0.0.3] (bzq-79-176-161-38.red.bezeqint.net. [79.176.161.38]) by mx.google.com with ESMTPS id n17sm17175588bkw.5.2012.06.17.23.36.57 (version=SSLv3 cipher=OTHER); Sun, 17 Jun 2012 23:36:58 -0700 (PDT)
Message-ID: <4FDECC87.4090708@gmail.com>
Date: Mon, 18 Jun 2012 09:36:55 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: IPsecme WG <ipsec@ietf.org>
References: <20120618062532.D417072E026@rfc-editor.org>
In-Reply-To: <20120618062532.D417072E026@rfc-editor.org>
X-Forwarded-Message-Id: <20120618062532.D417072E026@rfc-editor.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [IPsec] Fwd: RFC 6631 on Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2012 06:37:01 -0000
This concludes the current round of IKE-with-passwords proposals: RFC 6617, 6628 and 6631. All three RFCs are Experimental. I hope we will get some market traction behind this idea and will be able to progress one of them (or maybe something new) to Standards Track. Yaron -------- Original Message -------- Subject: RFC 6631 on Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2) Date: Sun, 17 Jun 2012 23:25:32 -0700 (PDT) From: rfc-editor@rfc-editor.org To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org CC: rfc-editor@rfc-editor.org A new Request for Comments is now available in online RFC libraries. RFC 6631 Title: Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2) Author: D. Kuegler, Y. Sheffer Status: Experimental Stream: IETF Date: June 2012 Mailbox: dennis.kuegler@bsi.bund.de, yaronf.ietf@gmail.com Pages: 26 Characters: 53353 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-kuegler-ipsecme-pace-ikev2-10.txt URL: http://www.rfc-editor.org/rfc/rfc6631.txt The Internet Key Exchange protocol version 2 (IKEv2) does not allow secure peer authentication when using short credential strings, i.e., passwords. Several proposals have been made to integrate password-authentication protocols into IKE. This document provides an adaptation of Password Authenticated Connection Establishment (PACE) to the setting of IKEv2 and demonstrates the advantages of this integration. This document defines an Experimental Protocol for the Internet community. EXPERIMENTAL: This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see http://www.ietf.org/mailman/listinfo/ietf-announce http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html. For downloading RFCs, see http://www.rfc-editor.org/rfc.html. Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC
- [IPsec] Fwd: RFC 6631 on Password Authenticated C… Yaron Sheffer