Key Management Proposal

[hughes@hughes.network.com (James P. Hughes)]

Network Systems would like the opportunity to present a proposal for key
management at the next IETF.

NSC has implemented a 2 message interactive authentication, key management,
algorithm negotiation protocol. The device uses RSA for authentication, D-H
for key exchange, a number of symmetric ciphers, MD5 for data integrity and
also provides data compression.

Public keys are distributed (at this time) via sneakernet, but in the
future, it would be desirable to implement secure DNS to reliably get the
public keys.

At this time, NSC intends to offer this protocol and message formats to the
IPSEC working group for their consideration. NSC does have the rights to
use IDEA, RSA and D-H in this product, but NSC does not have any rights to
offer these patents to the IETF at large.

NSC would like to offer this protocol and to discuss the relative merits of
this as an actual implementation. Regardless of what is adopted, NSC
intends to follow the recommendations and implement the results of the
IPSEC working group.

If the group is interested, a set of working prototypes could be brought to
the next IETF. The press release can be obtained via Mosaic from:
	http://www.network.com/external/news_releases/security.shtml

jim

---

• Prev by Date: Re: Modular approach to key management
• Next by Date: Re: Modular approach to key management
• Prev by thread: Re: SKIP and interactive key management
• Next by thread: IPSEC at Dec IETF
• Index(es):
  • Main
  • Thread