
RE: DRAFT: ipsec charter update



Sorry for the delayed response, but two comments on the following:

> The IPSEC working group will restrict itself to the following short-term
> work items to improve the existing key management protocol (IKE):
> 
> 1)  Changes to IKE to support NAT/Firewall traversal 
> 
> 2)  Changes to IKE to support SCTP
> 
> 3)  New cipher documents to support AES-CBC, AES-MAC, SHA-2, and 
> 	a fast AES mode suitable for use in hardware encryptors

- The third item is not about IKE, hence the WG won't be restricted to
	IKE (as pointed out by JI and Ghislane).

- Please broaden 3) to allow other fast things that may emerge from
	the upcoming NIST modes workshop (e.g., over in the IP Storage
	WG, I have a cheering section for UMAC, or something similar).
	I presume "fast AES mode ..." translates to "counter mode, or
	something equally hardware-friendly", right?

Schedule looks good to me; this looks like any major issues with the
drafts in item 3) would be expected to be discussed in Salt Lake City
and closed there or shortly thereafter.

Thanks,
--David (IP Storage [ips] WG co-chair)

---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------

> -----Original Message-----
> From: tytso@mit.edu [mailto:tytso@mit.edu]
> Sent: Thursday, August 09, 2001 9:11 AM
> To: ipsec@lists.tislabs.com
> Subject: DRAFT: ipsec charter update
> 
> 
> 
> The IPSEC wg chairs met with Marcus Leech today, and after discussions
> and consultation with him, we have developed the following draft update
> to the IPSEC working group charter.
> 
> Contained in this proposed update is a timeline for the IKE V2 work
> which was discussed at the IPSEC meeting earlier this week in London.  We
> welcome comments and suggestions on improving the revised working group
> charter.  We would like to submit this charter to the IESG for
> consideration by the end of August, so we would appreciate receiving
> comments within the next two weeks.
> 
> 					Barbara Fraser
> 					Theodore Ts'o
> 					IPSEC wg chairs
> 
> 
> IP Security Protocol (ipsec) 
> 
> Last Modified: 09-Aug-01
> 
> Chair(s):
> 	Barbara Fraser <byfraser@cisco.com>
> 	Theodore Ts'o <tytso@mit.edu>
> 
> Security Area Director(s): 
> 	Jeffrey Schiller <jis@mit.edu>
> 	Marcus Leech <mleech@nortelnetworks.com>
> 
> Security Area Advisor: 
> 	Jeffrey Schiller <jis@mit.edu>
> 
> Mailing Lists: 
> 	General Discussion:ipsec@lists.tislabs.com 
> 	to Subscribe: ipsec-request@lists.tislabs.com 
> 	Archive: ftp://ftp.tis.com/pub/lists/ipsec OR
> 	ftp.ans.net/pub/archive/ipsec 
> 
> Description of Working Group:
> =============================
> 
> Rapid advances in communication technology have accentuated the need for
> security in the Internet.  The IP Security Protocol Working Group
> (IPSEC) will develop mechanisms to protect client protocols of IP.  A
> security protocol in the network layer will be developed to provide
> cryptographic security services that will flexibly support combinations
> of authentication, integrity, access control, and confidentiality.
> 
> The IPSEC working group will restrict itself to the following short-term
> work items to improve the existing key management protocol (IKE):
> 
> 1)  Changes to IKE to support NAT/Firewall traversal 
> 
> 2)  Changes to IKE to support SCTP
> 
> 3)  New cipher documents to support AES-CBC, AES-MAC, SHA-2, and 
> 	a fast AES mode suitable for use in hardware encryptors
> 
> 4)  IKE MIB documents
> 
> 5)  Sequence number extensions to ESP to support an expanded sequence
>     number space.
> 
> 6)  Clarification and standardization of rekeying procedures in IKE.
> 
> The working group will also update IKE to reflect implementation
> experience, new requirements, and protocol analysis of the existing
> protocol.  The requirements for IKE V2 will be revised and updated as
> the first step in this process.
> 
> Goals and Milestones:
> =====================
> 
> Aug 01	Internet Drafts on NAT and Firewall traversal, IKE MIBs, and
> 	requirements for IPsec and IKE for use with SCTP, to working
> 	group last call.
> 
> Sep 01	Submit revised Internet-Drafts of NAT and Firewall traversal, IKE
> 	MIBs, and SCTP support for consideration as Draft Standards.
> 
> Oct 01	Internet-Drafts on sequence number expansion in IKE, and IKE
> 	re-keying completed.
> 
> Dec 01	Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE
> 	re-keying to working group last call.
> 
> Dec 01	Internet-Draft on IKE v2 Requirements to working group last call
> 
> Dec 01	Internet-Drafts describing candidate IKE v2 approaches submitted
> 	to the working group.
> 
> Feb 01	Submit revised Internet-Drafts on AES/SHA-2, sequence number
> 	expansion, and IKE rekeying for consideration as Draft Standards.
> 
> Apr 02	Discuss and select the IKE v2 design from candidate approaches.
> 
> Sep 02	IKE v2 Internet-Drafts to working group last call
> 
> Dec 02	Submit IKE v2 Internet-Drafts to the IESG for consideration as
> 	Proposed Standards.
> 
> 
> 
>