Agenda for IETF 55 - IPSECKEY (BOF)
IPSEC KEYing information resource record BOF
(page 1)
AGENDA:
1. Open meeting and welcome
2. Scribe and blue sheet Olafur Gudmundsson
3. Introduction Michael Richardson
4. Documents
4.1 Why the KEY record was restricted to only DNSSEC keys.
see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
4.2 A method for storing IPsec keying material in DNS.
- draft-richardson-ipsec-rr-00.txt
- Michael Richardson
5. open mike
6. Next step. Olafur Gudmundsson
7. Charter discussion Olafur Gudmundsson
8. schedule discussion
(page 2)
Mailing list info
LIST: ipseckey@sandelman.ottawa.on.ca
Archive: http://www.sandelman.ca/lists/html/ipseckey/threads.html
email to: majordomo@sandelman.ottawa.on.ca
body "subscribe ipseckey"
(page 3)
2. Blue Sheet
(page 4)
3. Introduction
What we need for Opportunistic Encryption:
- see draft-richardson-ipsec-opportunistic-10.txt
- the public key (RSA) of the remote system
- the IP address (v4 or v6) of the gateway
- we need this data indexed by IP address, i.e. we need it in in-addr.arpa.
(page 5)
4. Documents
- 4.1 Why the KEY record was restricted to only DNSSEC keys.
- Scott Rose
- see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
- 4.2 A method for storing IPsec keying material in DNS.
- draft-richardson-ipsec-rr-00.txt
- Michael Richardson
(page 6)
Scott Rose
Why the KEY record was restricted to only DNSSEC keys.
draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
(page 7)
initial proposal
- new resource record type
- a series of type-length-value pairs
- currently is extensible (too flexible?)
(page 8)
RR contents
A method for storing IPsec keying material in DNS.
(page 9)
Definitions for field types:
- 0 no more fields
- 1 priority of this entry
- 2 IPv4 address of the gateway for this host
- 3 IPv6 address of the gateway for this host
- 4 FQDN of the gateway for this host
- 5 RSA public key for the gateway
(page 10)
5. open mike
(page 11)
6. Next steps
Olafur Gudmundsson
(page 12)
7. Charter discussion
Olafur Gudmundsson
(page 13)
8. schedule discussion
(page 14)
IPSEC KEYing information resource record
Working group info
ipseckey@sandelman.ottawa.on.ca
email to: majordomo@sandelman.ottawa.on.ca
body "subscribe ipseckey"
Drafts:
- draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
- draft-richardson-ipsec-rr-00.txt
(page 15)