
Oakley draft



I've recently submitted a draft for a key exchange protocol named
Oakley; the draft will be available in the archives and also as
http://www.cs.arizona.edu/xkernel/Papers/draft-ietf-ipsec-oakley-00.txt.

The technical rationale for Oakley is that two parties can establish
variation in the underlying problem facing a concerted passive attacker
who has recorded traffic and extensive time and resources.  The algorithms
are not new --- just Diffie-Hellman, encryption, etc., but the combinations
may provide a good degree of confidence in long-term privacy.

Oakley is intended for key exchange only; it separates the
establishment and naming of keying material from its eventual use.
The design stands on its own, but allows it (or will allow it) to be a
component of ISAKMP for establishing AH/ESP security associations.

I am distributing the Oakley draft even though it is far from complete
or perfect; the imperfections afflict many particulars.  It is my hope
that its basic precepts can be understood and discussed now, and this
will indicate if it has any merit within the working group.

I'd like to note that undertaking this task has been a humbling
experience (even without yet experiencing the lively public
commentary that draft writers provoke), and I take my hat off to those
who have trodden the draft path ahead of me.  If you will be at the ISOC
SNDSS meeting, you'll see on Friday that I have bought a hat
specifically for this purpose.
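The design point above (establish keying material with Diffie-Hellman, give it a name, and let a later consumer such as AH/ESP refer to it by that name alone) can be sketched in code. This is an added illustration, not the Oakley draft's protocol and not the author's code: the group parameters are a toy Mersenne prime constructed for the example, the key-naming and derivation rules (SHA-256 over the nonces for the name, HMAC of the shared value for the key) and the function names are all assumptions made here for clarity.

```python
import hashlib
import hmac
import secrets

# Toy group, constructed for this example only: the Mersenne prime 2^127 - 1
# with generator 3.  A real deployment uses a standardised large safe-prime or
# elliptic-curve group; these values are far too small for actual use.
P = (1 << 127) - 1
G = 3


def dh_keypair(private=None):
    """Return (private, public) for one side; draw the private value if absent."""
    if private is None:
        private = secrets.randbelow(P - 2) + 1      # 1 <= private <= P - 2
    return private, pow(G, private, P)


def dh_shared(private, peer_public):
    """Compute g^(xy) mod p after rejecting degenerate peer values (0, 1, p-1)."""
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, P)


def establish(shared, nonce_i, nonce_r):
    """Turn the raw agreed value into *named* keying material.

    Assumed scheme: the key name (KEYID) is derived only from the public
    nonces, so either party, or a later protocol, can refer to the key
    without revealing anything about it.  The key itself is an HMAC of the
    shared secret keyed by the same nonces, so the name and the key are
    computed independently of how the key will eventually be used.
    """
    key_id = hashlib.sha256(b"keyid" + nonce_i + nonce_r).hexdigest()[:16]
    secret = shared.to_bytes(16, "big")                # P fits in 16 bytes
    key = hmac.new(nonce_i + nonce_r, secret, hashlib.sha256).digest()
    return key_id, key


def run_exchange(x_i, x_r, nonce_i, nonce_r):
    """Both parties run the exchange and independently name the result.

    Returns the (key_id, key) pair each side would place in its key store,
    so a caller can verify that both sides agree on both name and key.
    """
    _, pub_i = dh_keypair(x_i)
    _, pub_r = dh_keypair(x_r)
    initiator = establish(dh_shared(x_i, pub_r), nonce_i, nonce_r)
    responder = establish(dh_shared(x_r, pub_i), nonce_i, nonce_r)
    return initiator, responder


def use_named_key(store, key_id, message):
    """The separate 'use' step: a consumer looks the key up by name only and
    never touches the exchange that produced it (here it just MACs a message)."""
    return hmac.new(store[key_id], message, hashlib.sha256).hexdigest()


if __name__ == "__main__":
    # Constructed nonces for the demonstration run.
    n_i, n_r = secrets.token_bytes(8), secrets.token_bytes(8)
    (kid, key_i), (_, key_r) = run_exchange(*[dh_keypair()[0] for _ in range(2)], n_i, n_r)
    assert key_i == key_r
    store = {kid: key_i}                               # establishment ends here
    print("KEYID", kid, "MAC", use_named_key(store, kid, b"hello")[:16])
```

The point the sketch makes is that `establish` and `use_named_key` share only the key identifier: whatever later protocol consumes the key receives a name and a lookup, never the Diffie-Hellman values, which is the separation the post describes. The range check in `dh_shared` is the minimal validation any receiver of a public value should perform before exponentiating.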