Turner, Sean P. | 1 Apr 2008 17:56

SMIME WG summary

This is a summary of the SMIME WG meeting held in Philadelphia as part of
IETF 71.

The S/MIME WG met immediately after SAAG on Thursday, March 13 2008.  Mr.
Turner provided a status overview of the WG:
 - There has been one new RFC since the last IETF: CAdES was published as
RFC5126
 - There is one ID with the RFC editor: draft-ietf-smime-symkeydist
 - There are two drafts working out IESG comments: 
      draft-ietf-smime-ibarch and draft-ietf-smime-bfibecms
 - There are two drafts working out IETF LC comments:
      draft-ietf-smime-sha2 and draft-ietf-smime-multsig
 - There is one draft working out an IPR statement: draft-ietf-smime-rsa-kem
 - There are four active IDs in the working group: S/MIME MSG and CERT v3.2,
an ASN.1 modules update, and an Update to ECC use with CMS.

Mr. Turner presented the status of the S/MIME v3.2 IDs.  The big change was
to remove the ECC algorithms: ECDSA and ECDH from both IDs.  The rationale
was that they are IPR issues and they are better situated in an
informational ID rather than the base IDs.  The one remaining issue in the
S/MIME v3.2 IDs is to settle on the key size text.  The key size text will
be discussed on the mailing list.

Mr. Turner presented the status of the Update to ECC use with CMS ID.
Updates to RFC 3278 include allowing the use of the SHA2 family of hash
algorithms, adding the OIDs for these algorithms, and adding the OIDs for
ECDSA with these algorithms.  Comments are encouraged as the ID is quite
short.

Mr. Schaad presented the status of the ASN.1 modules update ID.  He

Magnus Westerlund | 7 Apr 2008 17:09

TSVWG last call on "UDP Usage Guidelines for Application Designers" to BCP

Hi,

I would like to inform you that TSVWG has started the WG last call
on "UDP Usage Guidelines for Application Designers"
(draft-ietf-tsvwg-udp-guidelines-06) with the intended status of BCP. It
runs until the 21st of April. If you would like to provide any comments,
please send them to the TSVWG mailing list (tsvwg <at> ietf.org).

Abstract:

    The User Datagram Protocol (UDP) provides a minimal, message-passing
    transport that has no inherent congestion control mechanisms.
    Because congestion control is critical to the stable operation of the
    Internet, applications and upper-layer protocols that choose to use
    UDP as an Internet transport must employ mechanisms to prevent
    congestion collapse and establish some degree of fairness with
    concurrent traffic.  This document provides guidelines on the use of
    UDP for the designers of such applications and upper-layer protocols.
    Congestion control guidelines are a primary focus, but the document
    also provides guidance on other topics, including message sizes,
    reliability, checksums and middlebox traversal.

http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-udp-guidelines-06.txt

Best Regards

Magnus Westerlund

IETF Transport Area Director & TSVWG Chair

Katrin Höper | 16 Apr 2008 23:55

Invitation to subscribe to IETF proxy mailing list

Hi,

 

Security problems related to network proxies persistently come up in several IETF WGs and may affect the security of existing IETF network solutions while slowing down the progress of some current Internet Drafts.

 

For this reason, Tim Polk and I organized an informal meeting in Philadelphia at IETF 71 to discuss these so-called "proxy problems" and their implications. As a result of our meeting, a proxy email list was created to further investigate the proxy problems.

 

This email serves as an invitation to anybody interested to join our discussions on the list. Please subscribe at: https://www.ietf.org/mailman/listinfo/proxies

 

Best regards,

Katrin Hoeper

 ______________________________________________

Katrin Hoeper
Computer Security Division
National Institute of Standards and Technology (NIST)
100 Bureau Dr. Mail stop: 8930
Gaithersburg, MD 20878
(301) 975 - 4024

Richard Barnes | 17 Apr 2008 04:21

Re: Invitation to subscribe to IETF proxy mailing list

Katrin,

Could you clarify what type of "proxies" are being discussed on this 
list?  What layers of the stack are you looking at?
Network: Mobile IP Home Agents
Transport: TURN servers
Application: HTTP proxies, SIP proxies
Or are you looking at the concept of proxying in general?

The text of both messages in the list archive seemed pretty agnostic, 
but there were attachments discussing AAA proxies.  Is AAA the focus of 
this list?

--Richard

Katrin Höper wrote:
> Hi,
> 
>  
> 
> Security problems related to network proxies persistently come up 
> in several IETF WGs and may affect the security of existing IETF network 
> solutions while slowing down the progress of some current Internet Drafts.
> 
>  
> 
> For this reason, Tim Polk and I organized an informal meeting in 
> Philadelphia at IETF 71 to discuss these so-called "proxy problems" and 
> their implications. As a result of our meeting, a proxy email list was 
> created to further investigate the proxy problems.
> 
>  
> 
> This email serves as an invitation to anybody interested to join 
> our discussions on the list. Please subscribe at: 
> https://www.ietf.org/mailman/listinfo/proxies
> 
>  
> 
> Best regards,
> 
> Katrin Hoeper
> 
>  ______________________________________________
> 
> Katrin Hoeper
> Computer Security Division
> National Institute of Standards and Technology (NIST)
> 100 Bureau Dr. Mail stop: 8930
> Gaithersburg, MD 20878
> (301) 975 - 4024
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> saag mailing list
> saag <at> mit.edu
> http://mailman.mit.edu/mailman/listinfo/saag

Bernard Aboba | 17 Apr 2008 07:58

Re: Invitation to subscribe to IETF proxy mailing list

> The text of both messages in the list archive seemed pretty agnostic, 
> but there were attachments discussing AAA proxies.  Is AAA the focus of 
> this list?

If so, why isn't this being handled in the O&M Area?

Katrin Höper | 17 Apr 2008 21:30

Re: Invitation to subscribe to IETF proxy mailing list

Hello Richard,
 
We decided to use AAA proxies as a starting point for our discussion for simplicity. In addition, people present at the initial meeting were most familiar with this type of proxy and the security issues they introduce.
The long-term (and ideal) goal of the list could be to extend the results of the AAA discussion in order to address proxy-related security issues in general. However, for now we will focus on AAA proxies.
 
Katrin

On Wed, Apr 16, 2008 at 10:21 PM, Richard Barnes <rbarnes <at> bbn.com> wrote:
> Katrin,
>
> Could you clarify what type of "proxies" are being discussed on this list?  What layers of the stack are you looking at?
> Network: Mobile IP Home Agents
> Transport: TURN servers
> Application: HTTP proxies, SIP proxies
> Or are you looking at the concept of proxying in general?
>
> The text of both messages in the list archive seemed pretty agnostic, but there were attachments discussing AAA proxies.  Is AAA the focus of this list?
>
> --Richard
>
> Katrin Höper wrote:
>> Hi,
>>
>> Security problems related to network proxies persistently come up in several IETF WGs and may affect the security of existing IETF network solutions while slowing down the progress of some current Internet Drafts.
>>
>> For this reason, Tim Polk and I organized an informal meeting in Philadelphia at IETF 71 to discuss these so-called "proxy problems" and their implications. As a result of our meeting, a proxy email list was created to further investigate the proxy problems.
>>
>> This email serves as an invitation to anybody interested to join our discussions on the list. Please subscribe at: https://www.ietf.org/mailman/listinfo/proxies
>>
>> Best regards,
>>
>> Katrin Hoeper
>>
>>  ______________________________________________
>>
>> Katrin Hoeper
>> Computer Security Division
>> National Institute of Standards and Technology (NIST)
>> 100 Bureau Dr. Mail stop: 8930
>> Gaithersburg, MD 20878
>> (301) 975 - 4024
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> saag mailing list
>> saag <at> mit.edu
>> http://mailman.mit.edu/mailman/listinfo/saag


Paul Hoffman | 17 Apr 2008 22:32

Re: Invitation to subscribe to IETF proxy mailing list

>We decided to use AAA proxies as a starting point for our discussion 
>for simplicity.

I don't remember the last time I read a sentence that contained both 
"AAA proxies" and "simplicity".

>The long-term (and ideal) goal of the list could be to extend the 
>results of the AAA discussion in order to address proxy-related 
>security issues in general. However, for now we will focus on AAA 
>proxies.

Lots of application proxies have *very* different properties than AAA 
proxies. It will be interesting to see how much of the AAA work will 
be applicable.

--Paul Hoffman, Director
--VPN Consortium

Pasi.Eronen | 22 Apr 2008 10:59

Discussions about IPsec maintenance/extensions WG

Hi all,

We're starting a discussion about the possibility of forming
an IPsec maintenance/extensions working group. If you're 
interested, join the IPsec mailing list.

Joining the list:
http://www.ietf.org/mailman/listinfo/ipsec

List archive:
http://www.ietf.org/mail-archive/web/ipsec/current/maillist.html

Best regards,
Pasi
