[saag] request for comments - draft-rafiee-cga-tsig-00

"Rafiee, Hosnieh" <rafiee@hpi.uni-potsdam.de> Sun, 07 October 2012 09:22 UTC

From: "Rafiee, Hosnieh" <rafiee@hpi.uni-potsdam.de>
To: "saag@ietf.org" <saag@ietf.org>
Date: Sun, 07 Oct 2012 11:22:02 +0200



Please take a look at my RFC draft and share your comments with me so that I might improve it. I would like to discuss this draft in IETF meetings in Atlanta.

Thanks,

Hosnieh




A new version of I-D, draft-rafiee-cga-tsig-00.txt has been successfully submitted by Hosnieh Rafiee and posted to the IETF repository.



Filename:        draft-rafiee-cga-tsig
Revision:        00
Title:           Transaction SIGnature (TSIG) using CGA Algorithm in IPv6
Creation date:   2012-09-30
WG ID:           Individual Submission
Number of pages: 13
URL:             http://www.ietf.org/internet-drafts/draft-rafiee-cga-tsig-00.txt
Status:          http://datatracker.ietf.org/doc/draft-rafiee-cga-tsig
Htmlized:        http://tools.ietf.org/html/draft-rafiee-cga-tsig-00





Abstract:

   The first step of Transaction SIGnature (TSIG) (RFC 2845) is to
   generate a shared secret and exchange it manually between a DNS
   server and a host. This document, CGA-TSIG, proposes a possible way
   to automate the now manual process for the authentication of a node
   with a DNS server during the DNS Update process by using the same
   parameters as are used in generating a secure address in IPv6
   networks, i.e., Cryptographically Generated Addresses (CGA) (RFC
   3972). CGA-TSIG facilitates this authentication process and reduces
   the time needed for DNS Updates. The current signature generation
   process and verification mechanism in TSIG are thus replaced with
   CGA. This algorithm is added, as an extension, to TSIG to eliminate
   the human intervention needed for generation and exchange of keys
   between a DNS server and a host when SEcure Neighbor Discovery (SEND)
   (RFC 3971) is used.
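
The abstract builds on the RFC 3972 binding between an IPv6 address and a public key. The following is an added example, not part of the message or the draft, showing the address-to-key check a verifier performs on CGA parameters. The function names, the counter-based modifier search and the stand-in key bytes are assumptions, and verifying a signature made with the key is outside its scope.

```python
import hashlib
import ipaddress

# Sec (3 leftmost bits) and u/g (bits 6, 7) of the interface ID are not hash
# output, so RFC 3972 ignores them when comparing against Hash1.
HASH1_MASK = 0x1CFFFFFFFFFFFFFF
# Constructed stand-in for a DER-encoded public key; hashed as opaque bytes.
SAMPLE_PUBKEY = b"constructed-public-key-bytes"


def hash2_ok(modifier, pubkey, sec, ext=b""):
    # Hash2 rule: leftmost 16*Sec bits of SHA-1(modifier | 9 zero octets | key | ext) are zero.
    digest = hashlib.sha1(modifier + b"\x00" * 9 + pubkey + ext).digest()
    return digest[:2 * sec] == b"\x00" * (2 * sec)


def generate_cga(prefix, pubkey, sec=1):
    """Return (address, modifier, collision_count) for a /64 prefix."""
    subnet = ipaddress.IPv6Network(prefix).network_address.packed[:8]
    counter = 0  # assumption: counter search for repeatability; RFC 3972 starts from a random modifier
    while not hash2_ok(counter.to_bytes(16, "big"), pubkey, sec):
        counter += 1  # expected work grows as 2^(16*Sec)
    modifier = counter.to_bytes(16, "big")
    hash1 = hashlib.sha1(modifier + subnet + b"\x00" + pubkey).digest()[:8]
    iid = (int.from_bytes(hash1, "big") & HASH1_MASK) | (sec << 61)
    return ipaddress.IPv6Address(subnet + iid.to_bytes(8, "big")), modifier, 0


def verify_cga(address, modifier, collision_count, pubkey, ext=b""):
    """True if the address is bound to pubkey under these CGA parameters."""
    packed = ipaddress.IPv6Address(address).packed
    # The subnet prefix is taken from the address, so a prefix mismatch shows up as a Hash1 mismatch.
    subnet, iid = packed[:8], int.from_bytes(packed[8:], "big")
    if len(modifier) != 16 or collision_count not in (0, 1, 2):
        return False
    params = modifier + subnet + bytes([collision_count]) + pubkey + ext
    hash1 = int.from_bytes(hashlib.sha1(params).digest()[:8], "big")
    if (hash1 ^ iid) & HASH1_MASK:
        return False  # address was not derived from this key and these parameters
    return hash2_ok(modifier, pubkey, iid >> 61, ext)  # Sec is read from the address


if __name__ == "__main__":
    addr, mod, cc = generate_cga("2001:db8:1:2::/64", SAMPLE_PUBKEY)
    print(addr, verify_cga(addr, mod, cc, SAMPLE_PUBKEY))
    print(verify_cga(addr, mod, cc, b"another-constructed-key"))
```

Because the check needs only the address, the CGA parameters and the public key, it requires no secret shared in advance between the two parties.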