Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-04.txt
"Eddy, Wesley M. (GRC-RCN0)[Verizon]" <wesley.m.eddy@nasa.gov> Thu, 12 March 2009 02:17 UTC
From: "Eddy, Wesley M. (GRC-RCN0)[Verizon]" <wesley.m.eddy@nasa.gov>
To: Joe Touch <touch@ISI.EDU>, "tcpm@ietf.org" <tcpm@ietf.org>
Date: Wed, 11 Mar 2009 21:18:15 -0500

As comments are made on this, I'm planning to put any issues identified into the issue tracker that'll be linked from our IETF tools page: http://tools.ietf.org/wg/tcpm/ that Henrik just nicely set up for us. If there are current issues people have with version 04 of the draft, and you send them to me or the list, I'll enter them in. This will be a little new for TCPM, but I think it'll help keep track of things as we finish the document off.

________________________________________
From: tcpm-bounces@ietf.org [tcpm-bounces@ietf.org] On Behalf Of Joe Touch [touch@ISI.EDU]
Sent: Monday, March 09, 2009 3:19 PM
To: tcpm@ietf.org
Subject: Re: [tcpm] I-D Action:draft-ietf-tcpm-tcp-auth-opt-04.txt

Hi, all,

The changes to this document are summarized in the document; they include a major restructuring for readability, the addition of a key change coordination mechanism, and a clearer description of the purpose of the TSAD (now called the TAPD).

Comments welcome, of course. Please do read this through, though - most of the doc has changed (hopefully for the better).

The primary current open issue for SFO regards whether the key coordination mechanism requires support to prevent "backup" (changing back to a key previously used).

FYI.

Joe

Internet-Drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.
>
> Title     : The TCP Authentication Option
> Author(s) : J. Touch, et al.
> Filename  : draft-ietf-tcpm-tcp-auth-opt-04.txt
> Pages     : 48
> Date      : 2009-03-09
>
> This document specifies the TCP Authentication Option (TCP-AO), which
> obsoletes the TCP MD5 Signature option of RFC-2385 (TCP MD5). TCP-AO
> specifies the use of stronger Message Authentication Codes (MACs),
> protects against replays even for long-lived TCP connections, and
> provides more details on the association of security with TCP
> connections than TCP MD5. TCP-AO is compatible with either static
> master key configuration or an external, out-of-band master key
> management mechanism; in either case, TCP-AO also protects
> connections when using the same master key across repeated instances
> of a connection, using traffic keys derived from the master key, and
> coordinates key changes between endpoints. The result is intended to
> support current infrastructure uses of TCP MD5, such as to protect
> long-lived connections (as used, e.g., in BGP and LDP), and to
> support a larger set of MACs with minimal other system and
> operational changes. TCP-AO uses its own option identifier, even
> though used mutually exclusive of TCP MD5 on a given TCP connection.
> TCP-AO supports IPv6, and is fully compatible with the requirements
> for the replacement of TCP MD5.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-auth-opt-04.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.