Re: [SECMECH] Summary of IETF63 secmech BOF

Charles Clancy <clancy@cs.umd.edu> Thu, 04 August 2005 08:40 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E0bHJ-0005zm-95; Thu, 04 Aug 2005 04:40:37 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E0bHG-0005zh-T1 for secmech@megatron.ietf.org; Thu, 04 Aug 2005 04:40:35 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA12404 for <secmech@ietf.org>; Thu, 4 Aug 2005 04:40:32 -0400 (EDT)
Received: from carrierpigeon.cs.umd.edu ([128.8.129.58]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1E0bo5-0005TU-30 for secmech@ietf.org; Thu, 04 Aug 2005 05:14:32 -0400
Received: from ismene (ismene.cs.umd.edu [128.8.126.62]) by carrierpigeon.cs.umd.edu (8.12.10/8.12.5) with ESMTP id j748eIfD005811 for <secmech@ietf.org>; Thu, 4 Aug 2005 04:40:18 -0400 (EDT)
Date: Thu, 4 Aug 2005 04:35:19 -0400 (EDT)
From: Charles Clancy <clancy@cs.umd.edu>
X-X-Sender: clancy@ismene
To: secmech@ietf.org
Subject: Re: [SECMECH] Summary of IETF63 secmech BOF
In-Reply-To: <7210B31550AC934A8637D6619739CE6905A0DD92@e2k-sea-xch2.sea-alpha.cisco.com>
Message-ID: <Pine.GSO.4.60.0508040413340.13855@ismene>
References: <7210B31550AC934A8637D6619739CE6905A0DD92@e2k-sea-xch2.sea-alpha.cisco.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Cc:
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org

> Next Steps / Action Items
> --------------------------
> 1. Collect the requirements we have for EAP methods and select (1 - 3) 
> types of mechanisms to support.

I'd suggest the so-called "Housley Criteria", as documented by section 6.2 
of draft-ietf-eap-keying, and expanded on in section 4 of 
draft-housley-aaa-key-mgmt as a good set of technical requirements. 
These are a superset of the WLAN EAP requirements (RFC 4017).  These 
include:

* Extensible ciphersuite
* Establish strong, fresh session keys
* Maintain algorithm independence
* Include replay detection mechanism
* Authenticate all parties
* Maintain confidentiality of authenticator
* No plaintext passwords
* Perform client and NAS authorization
* Maintain confidentiality of session keys
* Confirm selection of "best" ciphersuite
* Uniquely name session keys
* Compromise of a single NAS cannot compromise any other part of the
   system, including session keys and long-term keys
* Bind key to appropriate context

As for methods to select, I proposed EAP-PAX (draft-clancy-eap-pax) and 
EAP-TLS (RFC 2716).  EAP-PAX is a non-tunneled, shared-key method 
supporting key management, provisioning, and identity protection.  It 
satisfies all the aforementioned requirements.  EAP-TLS would require some 
minor updates to meet the requirements, but would make a solid public-key 
standards-track method.

[ t. charles clancy ]--[ tcc@umd.edu ]--[ www.cs.umd.edu/~clancy ]
[ computer science ]-----[ university of maryland | college park ]
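
Three of the criteria listed in the post above (uniquely name session keys, bind keys to their context, and keep a single compromised NAS from exposing keys used anywhere else) are easiest to see in code. The block below is an added illustration written for this page; it is not text from draft-ietf-eap-keying, draft-housley-aaa-key-mgmt or the author, and the KDF layout, the label string, the Session-Id format and the identities used as input are all assumptions made here for the example (the 0x0D type code is the EAP-TLS method type; the rest is constructed).

```python
"""Editor-constructed example, not code from the referenced drafts or the post.

Shows how a per-NAS session key can be named uniquely, bound to the
session/peer/NAS context, and kept separate from keys handed to other NASes.
"""
import hashlib
import hmac


def kdf(key: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """Counter-mode KDF on HMAC-SHA256 (assumed layout, modelled on the
    SP 800-108 counter construction): block i = HMAC(key, i || label || 0x00 ||
    context || L). Changing any byte of the context yields an unrelated key."""
    out = b""
    counter = 1
    while len(out) < length:
        block = (
            counter.to_bytes(4, "big")
            + label
            + b"\x00"
            + context
            + (length * 8).to_bytes(4, "big")
        )
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def session_id(method_type: int, peer_nonce: bytes, server_nonce: bytes) -> bytes:
    """Unique name for this run's keys: method type code followed by both
    parties' fresh nonces (assumed format). Either side contributing a fresh
    nonce gives the run a new name, which is what makes a replayed key
    detectable: the old name no longer matches the current exchange."""
    if len(peer_nonce) < 16 or len(server_nonce) < 16:
        raise ValueError("each nonce must carry at least 128 bits of freshness")
    return bytes([method_type]) + peer_nonce + server_nonce


def derive_nas_key(msk: bytes, sid: bytes, peer_id: bytes, nas_id: bytes) -> bytes:
    """32-byte key handed to one NAS. The context ties the key to the session
    name, the peer identity and the NAS identity, so the key NAS A receives
    tells it nothing about the key NAS B receives from the same MSK, and the
    MSK itself never leaves the AAA server."""
    context = sid + b"\x00" + peer_id + b"\x00" + nas_id
    return kdf(msk, b"nas-session-key", context, 32)


def demo() -> dict:
    """Constructed sample run; returns the derived values so they can be compared."""
    # Constructed 64-byte MSK standing in for the output of an EAP method.
    msk = bytes.fromhex("00112233445566778899aabbccddeeff" * 4)
    peer_nonce = bytes(range(16))
    server_nonce = bytes(range(16, 32))
    sid = session_id(0x0D, peer_nonce, server_nonce)  # 0x0D: EAP-TLS type code

    peer = b"peer@example.com"  # constructed identities
    key_a = derive_nas_key(msk, sid, peer, b"nas-a.example.com")
    key_b = derive_nas_key(msk, sid, peer, b"nas-b.example.com")

    # Second run of the same peer through the same NAS, but with a fresh server
    # nonce: new session name, new key, so the first run's key cannot be reused.
    sid2 = session_id(0x0D, peer_nonce, bytes(range(32, 48)))
    key_a2 = derive_nas_key(msk, sid2, peer, b"nas-a.example.com")

    return {"sid": sid, "key_a": key_a, "key_b": key_b, "sid2": sid2, "key_a2": key_a2}


if __name__ == "__main__":
    r = demo()
    for name, value in r.items():
        print(f"{name:7s} {value.hex()}")
```

Running the block prints one line per derived value; the two NAS keys and the two session names differ in every run, and only the AAA server ever holds the MSK from which they were derived. What this does not show is the remaining criteria in the list (mutual authentication, ciphersuite negotiation, confidentiality of the authenticator), which depend on the method's exchange rather than on the key derivation.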

_______________________________________________
SECMECH mailing list
SECMECH@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/secmech