Agenda for IETF 55 - IPSECKEY (BOF)

IPSEC KEYing information resource record BOF

(page 1)

AGENDA:

1. Open meeting and welcome
2. Scribe and blue sheet Olafur Gudmundsson
3. Introduction Michael Richardson
4. Documents
4.1 Why the KEY record was restricted to only DNSSEC keys.

Scott Rose

see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
4.2 A method for storing IPsec keying material in DNS.

draft-richardson-ipsec-rr-00.txt
Michael Richardson

5. open mike
6. Next step. Olafur Gudmundsson
7. Charter discussion Olafur Gudmundsson
8. schedule discussion

(page 2)

Mailing list info

LIST: ipseckey@sandelman.ottawa.on.ca
Archive: http://www.sandelman.ca/lists/html/ipseckey/threads.html

email to: majordomo@sandelman.ottawa.on.ca
body "subscribe ipseckey"

(page 3)

2. Blue Sheet

(page 4)

3. Introduction

What we need for Opportunistic Encryption:

see draft-richardson-ipsec-opportunistic-10.txt

the public key (RSA) of the remote system

the IP address (v4 or v6) of the gateway
- self if in host mode

we need this data indexed by IP address, i.e. we need it in in-addr.arpa.

(page 5)

4. Documents

4.1 Why the KEY record was restricted to only DNSSEC keys.
- Scott Rose
- see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt

4.2 A method for storing IPsec keying material in DNS.
- draft-richardson-ipsec-rr-00.txt
- Michael Richardson

(page 6)

Scott Rose

Why the KEY record was restricted to only DNSSEC keys.

draft-ietf-dnsext-restrict-key-for-dnssec-04.txt

(page 7)

initial proposal

new resource record type
a series of type-length-value pairs
currently is extensible (too flexible?)

(page 8)

RR contents

A method for storing IPsec keying material in DNS.
rr-picture.pbm

(page 9)

Definitions for field types:

0 no more fields
1 priority of this entry
2 IPv4 address of the gateway for this host
3 IPv6 address of the gateway for this host
4 FQDN of the gateway for this host
5 RSA public key for the gateway

(page 10)

5. open mike

(page 11)

6. Next steps

Olafur Gudmundsson

(page 12)

7. Charter discussion

Olafur Gudmundsson

(page 13)

8. schedule discussion

(page 14)

IPSEC KEYing information resource record

Working group info
ipseckey@sandelman.ottawa.on.ca

email to: majordomo@sandelman.ottawa.on.ca
body "subscribe ipseckey"

Drafts:

draft-ietf-dnsext-restrict-key-for-dnssec-04.txt
draft-richardson-ipsec-rr-00.txt

(page 15)