[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[TLS] [67th IETF] SPKM3 BOF announcement

To: saag@xxxxxxx, kitten@xxxxxxxx, nfsv4@xxxxxxxx, tls@xxxxxxxxxxxxxx, ietf-pkix@xxxxxxx, spkm@xxxxxxxx
Subject: [TLS] [67th IETF] SPKM3 BOF announcement
From: Olga Kornievskaia <aglo@xxxxxxxxxxxxxx>
Date: Tue, 03 Oct 2006 11:33:09 -0400
Cc:
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
User-agent: Thunderbird 1.5.0.7 (X11/20060913)

We would like to announce the following BOF for the 67th IETF meeting.

BOF name: NFSv4 and Low Infrastructure Public Key Based GSS SecurityMechanisms

Area: Security Area
Chair: Jeffrey Hutzelman

If this topic is of interest to you please email your questions andconcerns to the mail list (spkm@xxxxxxxx).


Problem Statement:

The NFSv4 protocol has a need for low infrastructure PKI based GSSsecurity mechanism(s) that provide for the creation of a secure channelusing mutual authentication where1) both user and server authenticate with public key certificates2) server authenticates with public key certificates, and the userauthenticates with a username and password.Current State:RFC3530 "Network File System (NFS) version 4 Protocol" mandates theuse of RFC2847 "LIPKEY - A Low Infrastructure Public Key Mechanism UsingSPKM". While RFC2847 fulfills the requirements of the problemstatement, there are areas where RFC2847 is outdated and/orunderspecified. Futhermore, RFC2847 both replaces and refers to portionsof RFC2025 "The Simple Public-Key GSS-API Mechanism (SPKM)" and isconfusing to implementers. None the less, there are two implementations(Hummingbird and Linux) based upon RFC2847.draft-adamson-rfc2847-bis-01.txt, an update of RFC2847, is intended toaddress RFC2847 shortcomings and provide a complete specification thatdoesn't need [RFC2025] and that replaces [RFC2847].

Agenda:

1) Need for a low infrastructure PK based GSS security mechanism forNFSV4

       - what is low infrastructure
       - existing markets
       - current implementations
   2) draft-adamson-rfc2847-bis-01.txt
       - issues brought up by IESG review
           - naming
           - algorithms
           - which diffie-hellman
           - clarify protocol security claims
           - whole document review
       - backwards compatibility with RFC2847 based implementations
   3) moving forward
       - finish draft-adamson-rfc2847-bis-01.txt
           - get draft into shape to submit to for IESG comments.
           - find reviewers
           - explore alternative GSS mechanisms


_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

Prev by Date: RE: [TLS] Follow-up to comments on draft-linn-otp-tls-00
Previous by thread: [TLS] Follow-up to comments on draft-linn-otp-tls-00
Index(es):
- Date
- Thread