[SECMECH] Summary of IETF63 secmech BOF

"Salowey, Joe" <jsalowey@cisco.com> Thu, 04 August 2005 07:28 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E0a9t-0004Q4-6x; Thu, 04 Aug 2005 03:28:53 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E0a9r-0004Nj-BW for secmech@megatron.ietf.org; Thu, 04 Aug 2005 03:28:51 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA07486 for <secmech@ietf.org>; Thu, 4 Aug 2005 03:28:49 -0400 (EDT)
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1E0agh-0001pp-E1 for secmech@ietf.org; Thu, 04 Aug 2005 04:02:47 -0400
Received: from sj-core-1.cisco.com (171.71.177.237) by sj-iport-3.cisco.com with ESMTP; 04 Aug 2005 00:28:39 -0700
X-IronPort-AV: i="3.95,166,1120460400"; d="scan'208"; a="328864260:sNHT29343776"
Received: from E2K-SEA-XCH2.sea-alpha.cisco.com (e2k-sea-xch2.cisco.com [10.93.132.68]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j747SY0J001129; Thu, 4 Aug 2005 00:28:34 -0700 (PDT)
X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 4 Aug 2005 00:33:15 -0700
Message-ID: <7210B31550AC934A8637D6619739CE6905A0DD92@e2k-sea-xch2.sea-alpha.cisco.com>
Thread-Topic: Summary of IETF63 secmech BOF
Thread-Index: AcWYxiBnZfcMIZFrSQycZGFlV0Dksg==
From: "Salowey, Joe" <jsalowey@cisco.com>
To: <secmech@ietf.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7baded97d9887f7a0c7e8a33c2e3ea1b
Content-Transfer-Encoding: quoted-printable
Cc: Russ Housley <housley@vigilsec.com>
Subject: [SECMECH] Summary of IETF63 secmech BOF
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org

The secmech BOF met on Tuesday morning.  We had discussion on the
standardization of EAP methods and on unifying GSS-API, SASL and EAP
mechanism development.  

We had a discussion on the status and history of EAP method development,
which has largely happened outside the IETF. This may lead to a
situation where network access interfaces are less open and
interoperable than perhaps desired. A concern was also raised that if
standards work is started in this space, it may not be good to gate this
on EAP, GSS-API, and SASL mechanism development unification.  A small
set (1-3) of EAP mechanism types should be selected for standardization
based on requirements from IETF and external SDO's.

The discussion of EAP, SASL, and GSS-API mechanism development
unification. There was discussion on several approaches to unifying
mechanism development.  There was some discussion on how closely EAP
needs to be tied in with AAA requirements.  There was discussion of
bridging vs. alternate approaches to mechanism development.  There was
no clear preference so more discussion on the list is necessary.  

The basic results of the BOF were as follows:

1. There was rough consensus that EAP method standardization is
important 2. Most people didn't care where the work was done, but there
was a preference for doing the work in the security area.
3. There was rough consensus that unifying authentication mechanism
development would be good.
4. The current proposals for mechanism development unification need to
be more concrete.
5. There was light interest in actually authoring and review drafts in
the unifying authentication mechanism area. 

Next Steps / Action Items
--------------------------
1. Collect the requirements we have for EAP methods and select a (1 - 3)
types of mechanisms to support.
2. Better define the GUAM proposal and see if there is more interest in
a more focused proposal. 
3. Submit a charter for a working group if enough document authors and
reviewers can be found in the respective areas.  

_______________________________________________
SECMECH mailing list
SECMECH@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/secmech