[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DRAFT: ipsec charter update




I would like to see the following changes to IKE included in the charter:

     * Ability to specify the IPsec SPD description in a flexible manner
       in Quick mode.

Currently, the ID payload is overloaded to carry the SPD semantics
in a rather inflexible manner in Quick mode. As such, this has become a
deterrent to successful IKE deployment in many instances.

regards,
suresh

--- tytso@mit.edu wrote:
> 
> The IPSEC wg chairs met with Marcus Leech today, and after discussions
> and consultation with him, we have developed the following draft update
> to the IPSEC working group charter.
> 
> Contained in this proposed update is a timeline for the IKE V2 work
> which was discussed at the IPSEC meeting earlier week in London.  We
> welcome comments and suggestions on improving the revised working group
> charter.  We would like to submit this charter to the IESG for
> consideration by the end of August, so we would appreciate receiving
> comments within the next two weeks.
> 
> 					Barbara Fraser
> 					Theodore Ts'o
> 					IPSEC wg chairs
> 
> 
> IP Security Protocol (ipsec) 
> 
> Last Modified: 09-Aug-01
> 
> Chair(s):
> 	Barbara Fraser <byfraser@cisco.com>
> 	Theodore Ts'o <tytso@mit.edu>
> 
> Security Area Director(s): 
> 	Jeffrey Schiller <jis@mit.edu>
> 	Marcus Leech <mleech@nortelnetworks.com>
> 
> Security Area Advisor: 
> 	Jeffrey Schiller <jis@mit.edu>
> 
> Mailing Lists: 
> 	General Discussion:ipsec@lists.tislabs.com 
> 	to Subscribe: ipsec-request@lists.tislabs.com 
> 	Archive: ftp://ftp.tis.com/pub/lists/ipsec OR
> 	ftp.ans.net/pub/archive/ipsec 
> 
> Description of Working Group:
> =============================
> 
> Rapid advances in communication technology have accentuated the need for
> security in the Internet.  The IP Security Protocol Working Group
> (IPSEC) will develop mechanisms to protect client protocols of IP.  A
> security protocol in the network layer will be developed to provide
> cryptographic security services that will flexibly support combinations
> of authentication, integrity, access control, and confidentiality.
> 
> The IPSEC working group will restrict itself to the following short-term
> work items to improve the existing key management protocol (IKE):
> 
> 1)  Changes to IKE to support NAT/Firewall traversal 
> 
> 2)  Changes to IKE to support SCTP
> 
> 3)  New cipher documents to support AES-CBC, AES-MAC, SHA-2, and 
> 	a fast AES mode suitable for use in hardware encryptors
> 
> 4)  IKE MIB documents
> 
> 5)  Sequence number extensions to ESP to support an expanded sequence
>     number space.
> 
> 6)  Clarification and standardization of rekeying procedures in IKE.
> 
> The working group will also update IKE to reflect implementation
> experience, new requirements, and protocol analysis of the existing
> protocol.  The requirements for IKE V2 will be revised and updated as
> the first step in this process.
> 
> Goals and Milestones:
> =====================
> 
> Aug 01	Internet Drafts on NAT and Firewall traversal, IKE MIBs, and 
> 	requirements for IPsec and IKE for use with SCTP, to working 
> 	group last call.
> 
> Sep 01	Submit revised Internet-Drafts of NAT and Firewall traversal, IKE 
> 	MIBs, and SCTP support for considerations as Draft Standards.
> 
> Oct 01	Internet-Drafts on sequence number expansion in IKE, and IKE 
> 	re-keying completed.
> 
> Dec 01	Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE 
> 	re-keying to working group last call.
> 
> Dec 01	Internet-Draft on IKE v2 Requirements to working group last call
> 
> Dec 01	Internet-Drafts describing candidate IKE v2 approaches submitted
> 	to the working group.
> 
> Feb 01	Submit revised Internet-Drafts on AES/SHA-2, sequence number 
> 	expansion, and IKE rekeying for consideration as Draft Standards.
> 
> Apr 02	Discuss and select the IKE v2 design from candidate approaches.
> 
> Sep 02	IKE v2 Internet-Drafts to working group last call
> 
> Dec 02	Submit IKE v2 Internet-Drafts to the IESG for consideration as 
> 	Proposed Standards.
> 
> 
> 
> 


=====


__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/


References: