[rfc-dist] BCP 132, RFC 4962 on Guidance for Authentication, Authorization, and Accounting (AAA) Key Management,

[rfc-editor at rfc-editor.org (rfc-editor@rfc-editor.org)]

A new Request for Comments is now available in online RFC libraries.

        BCP 132        
        RFC 4962

        Title:      Guidance for Authentication, Authorization, and 
                    Accounting (AAA) Key Management, 
        Author:     R. Housley, B. Aboba
        Status:     Best Current Practice
        Date:       July 2007
        Mailbox:    housley at vigilsec.com, 
                    bernarda at microsoft.com
        Pages:      23
        Characters: 54927
        See-Also:   BCP0132

        I-D Tag:    draft-housley-aaa-key-mgmt-09.txt

        URL:        http://www.rfc-editor.org/rfc/rfc4962.txt

This document provides guidance to designers of Authentication,
Authorization, and Accounting (AAA) key management
protocols.  The guidance is also useful to designers of systems and
solutions that include AAA key management protocols.  Given the
complexity and difficulty in designing secure, long-lasting key
management algorithms and protocols by experts in the field, it is almost
certainly inappropriate for IETF working groups without deep expertise in
the area to be designing their own key management algorithms and
protocols based on Authentication, Authorization, and Accounting (AAA)
protocols.  The guidelines in this document apply to documents requesting
publication as IETF RFCs.  Further, these guidelines will be useful to 
other standards development organizations (SDOs) that specify AAA key 
management.  This document specifies an Internet Best Current Practices for 
the Internet Community, and requests discussion and suggestions for
improvements.

This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements.  Distribution of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST at IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST at RFC-EDITOR.ORG.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info at RFC-EDITOR.ORG with the message body 

help: ways_to_get_rfcs. For example:

        To: rfc-info at RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager at RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR at RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.


The RFC Editor Team
USC/Information Sciences Institute

...