
New IDs for workgroup



Ted and I have completed an intense process of review of the current
position of this workgroup and the creation of new IDs or the update of
existing IDs to move us to closure.

I have just instructed the authors of the following documents to submit
them for publishing as IDs:

draft-ietf-ipsec-Doc-Roadmap-00.txt
draft-ietf-ipsec-auth-hmac-md5-96-00.txt				*
draft-ietf-ipsec-auth-hmac-sha-1-96-00.txt			*
draft-ietf-ipsec-ciph-des-derived-iv-00.txt
draft-ietf-ipsec-ciph-des-explicit-iv-00.txt
draft-ietf-ipsec-ciph-3des-derived-iv-00.txt		(placeholder)
draft-ietf-ipsec-ciph-cast-128-cbc-00.txt				*
draft-ietf-ipsec-ciph-rc5-cbc-00.txt				*
draft-ietf-ipsec-ciph-idea-00.txt
draft-ietf-ipsec-ciph-blowfish-00.txt
draft-ietf-ipsec-cbc-00.txt

The following documents are at some state of readying for version updates
(perhaps this week):

The resolution of ISAKMP with Oakley
The Internet IP Security Domain of Interpretation for ISAKMP
IP Encapsulating Security Payload (ESP)
IP Authentication Header

This will be a lot of reading for all of you.  As a degreed ecologist
(along with CPS :), I admit that I have just killed an old growth Douglas
fir in the name of Internet Security :).  But then I know how much so many
of you like reading this stuff.

For the new documents, when they come out in the next couple of days, read
them carefully.  The Document Roadmap is important glue.  See if it helps
you navigate between the various IPsec documents.

The auth documents were designed to work for both AH and new ESP.  See if
they do, for you.

The ciph documents were designed around a consistent outline that is in the
Roadmap; see if you can transition from one to the next.

There were 2 important areas where only very rough consensus was reached
and it will be important for the workgroup to consider these.

First off, we have come up with the terminology of derived and explicit
IVs.  There are 2 DES IDs, one working each way.  The 3DES is only
derived, and my understanding is that all of the other ciphers use an
explicit IV.  Ted and I, along with the authors that feel strongly on this,
will construct the issues surrounding this.  And we will see where it goes.

Then there is the KEYMAT challenge, frequently called 'slicing and dicing'.
I will know later today which document the strawman will show up in.
There were two good proposals.  One will end up in a document, I will see to
it that the other gets posted to the list.  As this is important for
interoperable implementations, I expect that this can be resolved this month.

The IPsec work group is made up of many individuals grouping into a few
common interests.  Everyone, please respect each other.  Keep the
discussion professional.  And remember that the most effective argument is
an alternate wording of a section of an ID.


Robert Moskowitz
Chrysler Corporation
(810) 758-8212


