Internet-Drafts | 5 Jul 21:50 2005

I-D ACTION:draft-ietf-btns-prob-and-applic-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Better-Than-Nothing Security Working Group of the IETF.

	Title		: Problem and Applicability Statement for Better
                          Than Nothing Security (BTNS)
	Author(s)	: J. Touch, et al.
	Filename	: draft-ietf-btns-prob-and-applic-00.txt
	Pages		: 20
	Date		: 2005-7-5
   The Internet network security protocol suite, IPsec, consisting of 
   IKE, ESP, and AH, currently requires authentication via IKE of 
   network layer entities to bootstrap security. This authentication can 
   be based on mechanisms such as pre-shared symmetric keys, pre-shared 
   certificates and associated asymmetric keys, or the use of Kerberos. 
   The need for authentication information and its associated identities 
   between network layer entities can be a significant obstacle to 
   deploying network security.  This document explains the rationale for 
   extending to the Internet network security suite to enable use of 
   IPsec security mechanisms without full IKE authentication. These 
   extensions are intended to protect communication ^better than 
   nothing^ (BTNS) on their own (Stand Alone BTNS, or SAB), and may be 
   useful in providing network layer security that can be authenticated 
   by higher layers in the protocol stack, called Channel Bound BTNS 
   (CBB). This document also explains situations in which use of SAB and 
   CBB extensions are appropriate and can achieve their intended 

A URL for this Internet-Draft is:
(Continue reading)

Joe Touch | 5 Jul 23:54 2005

Re: Tagging or rate limiting: please consider another ML and a BOF (was Re: next task, applicability statement)

Hi, all,

As per Pekka's suggestion (below), a separate mailing list has been
created for discussions of tagging/rate limiting issues:

	triage <at>

The website is



Pekka Nikander wrote:
> Dear Stephen and Joe,
> While I find your recent discussion at the BTNS WG mailing
> list interesting, I also think that a large part of it does
> not belong to this WG.  Some of the issues seems be of
> relevance, and most probably should be recorded somewhere in
> the forthcoming applicability document.
> However, what comes to the proposal to create a new protocol,
> or variant of AH or ESP, that would provide some kind of an
> early lightweight verification (tagging or cookies) to be
> performed before AH or ESP integrity verification, that clearly
> falls outside the scope of this WG, as I think you duly noted.
> On the other hand, personally I find the proposal quite
> interesting, and would suggest creating another mailing list
(Continue reading)

Love Hörnquist Åstrand | 25 Jul 15:43 2005

Agenda for IETF63


This is the agenda I submitted for IETF-63 (due today). If you have any
comments, please send them and I'll make sure they appear in the agenda


Better-Than-Nothing Security (btns)

Agenda at IETF-63

Pekka Nikander <Pekka.Nikander <at>>
Love Hornquist Astrand <lha <at>>


Preliminaries - Love and Pekka (5 min)
  - Introduction
  - Blue Sheets
  - Scribe, Jabber
  - Agenda Bashing

Document Status - Love and Pekka (5 min)
  - Problem and Applicability Statement for BTNS

Technical Discussion (45 min)
(Continue reading)