[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[IPSECKEY] IPSEC KEYing information resource record BOF (ipseckey)




Dan, re: BOF announcement, my copy reads:

BOF description

IPSEC KEYing information resource record BOF (ipseckey)

time
===============================

CHAIRS:	Michael Richardson <mcr@sandelman.ottawa.on.ca>
	Olafur Gudmundsson <ogud@ogud.com>

MAILING LIST:	ipseckey-request@sandelman.ca
Archive:	http://www.sandelman.ca/lists/html/ipseckey/

DESCRIPTION:

IP security public KEY in DNS (ipseckey)

This effort has a goal of designing a IPSEC specific resource record for the
domain name system (DNS) to replace the functionality of the IPSEC sub-type
of the KEY resource record.

Original DNSSEC specification explicitly specified flags on KEY resource
records for use by IPSEC. Experience has show this to cause operational
problems. DNSEXT working group is restricting the use of the KEY record to
DNS uses only. IPSEC keying via DNS thus needs a new resource record.

The scope of work is to identify what information is needed in a
IPSEC specific keying resource record. The contents of the resource record
are not limited to only the information that is in the DNS KEY record but
also contains useful IPSEC information information.

The general problems of key management, and semantic content of the data
stored in the resource record is beyond the scope of this effort. This
effort is limited to syntactic issues only. Semantics of the contained
information is left to future deployment documents to define. 

The resulting resource record should be extensible for new uses.

This effort is specific to providing IPSEC information in DNS.
All other distributed channels are out of scope.

PROPOSED SCHEDULE

DEC 02		Solicit various proposals on what information is needed in
		IPSEC specific KEYing record.

FEB 02		First draft of consensus RR proposal

APR 02		Advance Document to IESG

AGENDA: 

1.   Open meeting and welcome
2.   Scribe and blue sheet
3.   Introduction                                       Michael Richardson
4.   Documents
4.1  Why the KEY record was restricted to only DNSSEC keys.
     Dan Massey <masseyd@isi.edu>
 www.ietf.org/internet-drafts/draft-ietf-dnsext-restrict-key-for-dnssec-04.txt

4.2  Requirements.

4.n  Any IPSECKEY proposal that have shown up by Atlanta.

5.  open mike

6.  Next step.

7.  Charter discussion

8.  schedule discussion

$Id: ipseckey.txt,v 1.6 2002/10/04 18:39:37 mcr Exp $


-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.