[tcpm] draft-weis-tcp-auth-auto-ks-00
Brian Weis <bew@cisco.com> Thu, 16 March 2006 21:51 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FK0Nv-0005Ic-LR; Thu, 16 Mar 2006 16:51:55 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FK0Nu-0005IQ-Oq for tcpm@ietf.org; Thu, 16 Mar 2006 16:51:54 -0500
Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FK0Nt-0002Jl-Fz for tcpm@ietf.org; Thu, 16 Mar 2006 16:51:54 -0500
Received: from sj-core-4.cisco.com ([171.68.223.138]) by sj-iport-5.cisco.com with ESMTP; 16 Mar 2006 13:51:53 -0800
X-IronPort-AV: i="4.02,198,1139212800"; d="scan'208"; a="262420514:sNHT28990864"
Received: from [128.107.163.101] (dhcp-128-107-163-101.cisco.com [128.107.163.101]) by sj-core-4.cisco.com (8.12.10/8.12.6) with ESMTP id k2GLpqYg029331 for <tcpm@ietf.org>; Thu, 16 Mar 2006 13:51:52 -0800 (PST)
Message-ID: <4419DDF9.2010006@cisco.com>
Date: Thu, 16 Mar 2006 13:51:53 -0800
From: Brian Weis <bew@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: tcpm@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
Subject: [tcpm] draft-weis-tcp-auth-auto-ks-00
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org
Greetings, The TCP Extended Authentication draft (draft-bonica-tcp-auth-04.txt) describes key lists, where keys are manually added to the key lists. There are operational and security advantages for TCP endpoints automatically deriving TCP Extended Authentication session keys. The following draft proposes a light-weight mechanism for automatically deriving these keys. http://www.ietf.org/internet-drafts/draft-weis-tcp-auth-auto-ks-00.txt The abstract in the I-D says: This memo describes an automated key selection extension for the TCP [RFC0793] authentication option [I-D.bonica-tcp-auth]. This key selection extension allows two TCP endpoints to authenticate TCP segments using a Message Authentication Code (MAC) key chosen dynamically by an endpoint, rather than using a pre-configured MAC key. Comments are appreciated. Thanks, Brian -- Brian Weis Advanced Security Development, Security Technology Group, Cisco Systems Telephone: +1 408 526 4796 Email: bew@cisco.com _______________________________________________ tcpm mailing list tcpm@ietf.org https://www1.ietf.org/mailman/listinfo/tcpm
- [tcpm] draft-weis-tcp-auth-auto-ks-00 Brian Weis
- [tcpm] regarding the TCP/MD5 updates Joe Touch