[node req] Question on Security considerations.

john.loughney@nokia.com Fri, 13 February 2004 13:11 UTC

From: john.loughney@nokia.com
Subject: [node req] Question on Security considerations.
Date: Fri, 13 Feb 2004 15:07:01 +0200
Message-ID: <DADF50F5EC506B41A0F375ABEB320636D44C28@esebe023.ntc.nokia.com>
To: ipv6@ietf.org
Cc: smb@research.att.com, housley@vigilsec.com

Hi all,

The Security AD commented the following:

> For Section 8, RFCs 2401, 2402, and 2406 are currently being revised by 
> the IPsec group; that should be mentioned.

This is no problem.

> The crypto algorithm requirements should be better aligned with 
> recommendations from the IPsec wg.  There's a draft that lists 3DES as 
> SHOULD, not MAY.

Would it be appropriate to mention something like:

	The Security Area RECOMMENDS the use of 3DES.

> I think that IKEv? should be a SHOULD, not a MAY.  While the IESG hasn't 
> yet seen draft-bellovin-mandate-keymgmt, it will soon and it describes 
> automated key management as a "strong SHOULD".  That's certainly the 
> consensus in the security area.

I think that the WG has gone through this several times, and SHOULD has
always seemed problematic for some uses.  Does anyone have any suggestions?

> More generically, I don't think that this WG should standardize weaker 
> security requirements than the security area thinks are appropriate, 
> without strong justification.  (Stronger requirements are fine -- they 
> may have a different operational environment, or a different threat 
> model.)

My general comment is that if this document can point to existing RFCs
for the security requirements, then I am happy to mandate whatever
the pointers suggest (hint to the security area, provide pointers and
I will include them).

thanks,
John

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------