[secdir] Interest in draft-dong-savi-cga-header-03.txt; possibility of a five minute slot at saag?

Sam Hartman <hartmans-ietf@mit.edu> Fri, 16 July 2010 12:35 UTC

Return-Path: <hartmans@painless-security.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D05AC3A657C for <secdir@core3.amsl.com>; Fri, 16 Jul 2010 05:35:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.53
X-Spam-Level:
X-Spam-Status: No, score=-2.53 tagged_above=-999 required=5 tests=[AWL=-0.265, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FX0eMS0+DrhK for <secdir@core3.amsl.com>; Fri, 16 Jul 2010 05:35:41 -0700 (PDT)
Received: from mail.suchdamage.org (permutation-city.suchdamage.org [69.25.196.28]) by core3.amsl.com (Postfix) with ESMTP id A771C3A688C for <secdir@ietf.org>; Fri, 16 Jul 2010 05:35:30 -0700 (PDT)
Received: from carter-zimmerman.suchdamage.org (carter-zimmerman.suchdamage.org [69.25.196.178]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id 02A5F203CB; Fri, 16 Jul 2010 08:35:38 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 5AEC740D4; Fri, 16 Jul 2010 08:35:23 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: secdir@ietf.org
Date: Fri, 16 Jul 2010 08:35:23 -0400
Message-ID: <tsl630fmwok.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Margaret Wasserman <mrw@painless-security.com>, PaddyNallur <paddy@huaweisymantec.com>, Dong Zhang <zhangdong_rh@huawei.com>
Subject: [secdir] Interest in draft-dong-savi-cga-header-03.txt; possibility of a five minute slot at saag?
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jul 2010 12:35:43 -0000

Hi.  I've been working with the authors of
draft-dong-savi-cga-header-03. The basic idea is that you can use
cryptographically-generated IPv6 addresses for a reasonably secure form
of IP-based access control. The main advantage of this is 
administrative simplicity.  I've asked Nico Williams and Jeff Hutzelman
to take a look and have had a discussion with both of them about the
proposal. Julieng Loganier has also done previous work in this
space. The authors have also been talking to the internet ADs and
int-area chairs about the work.  Comments so far definitely suggest that
this is something worth discussing.

So, we'd like to briefly introduce the proposal and solicit comments and
see if we can get a group of people interested in working on this sort
of thing together.  I realize the SAAG agenda is reasonably full, but
would it be possible to get five minutes and say three slides to briefly
introduce the proposal?

Also, I'd like to encourage people on this list to read and comment on
the proposal. At this point, the basic idea is more important than the
specific mechanism described in the draft.

As I mentioned, the authors are working with the int-area to introduce
the proposal there; we believe input is required from both areas.


Thanks for your consideration and comments,

--Sam