Subject: IETF Security Area Advisory Group (SAAG) meeting notes
To: None <>
From: None <>
List: tech-security
Date: 11/11/1999 19:44:09
by redmail.netbsd.org with SMTP; 11 Nov 1999 19:44:08 -0000
Mime-Version: 1.0
Message-Id: <v04210100b450b7c8c7d8@[204.254.20.18]>
Date: Thu, 11 Nov 1999 14:42:55 -0500
To: tech-security@netbsd.org
From: Erik Fair <security-officer@NetBSD.ORG>
Subject: IETF Security Area Advisory Group (SAAG) meeting notes
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
The Internet Research Task Force (IRTF, an adjunct to the IETF,
reporting to the IAB) has constituted a research group (Secure
Multicast Group - SMuG) to look into security issues in IP Multicast,
come up with design guidelines, and experiment with protocols. When
the experiments are mature enough, they'll be handed over to the IETF
for standardization.
Working Group Reports
AFT - no meeting
CAT
Java GSS-API was the major topic for discussion. Kerberos documents
are getting some small revisions, but are going to "last call" soon.
IPSEC - Ted T'so
Two issues: SNMP MIBs for IPSEC, and Public Key Infrastructure
(PKIX); since IPSEC is the first consumer of PKIX, they're hitting
all the teething problems.
IPSP BOF - IP security Policy
no report but substantive discussion
IPSRA BOF - IP Security Remote Access
Micropayments BOF - J.I.
Presentation from W3C about how to present E-commerce on the web.
Presentation from IBM about a mechanism to bill back for transactions.
J.I. presented his own scheme for micropayments
no consensus on working group charter - what work to do?
Probably one more BOF at the next IETF meeting
PKIX -
Briefing from X.509 WG chair who had just returned from a meeting in
Copenhagen. Technical details of changes accepted were presented.
RFC2459 has some bugs in it, time to discuss a son-of-2459.
Discussion of Elliptic Curve crypto for signing being folded into a draft.
Discussion of online revocation certificate checking - there are lots
of ideas for how, time to settle on one.
Briefing on work being done in the European Electronic Signature Group.
S/MIME -
Five RFCs now at Proposed Standard; doing a matrix for testing to get
to Draft status.
Several documents in WG Last Call.
Continued work on Security Labels
Another presentation about European ESG, with particular emphasis on
how to make electronic signatures legally binding - they were
encouraged to publish.
SYSLOG BOF - Marcus Leech
Many fine presentations, but lack of focus until the end when there
was input from the floor about how to deal with the problem of secure
logging in an insecure network. This was mostly about the UNIX syslog
protocol, which is not really a standard right now. Eric Allman was
there, and was interested in participating in the effort to
standardize it.
TLS - Win Treese
Drafts are now or will shortly be at IESG for IETF Last Call; now
working on Draft status for TLS. Updating WG charter.
XMLDSIG - Donald Eastlake
Joint IETF/W3C WG. The requirements doc is in last call at W3C, and
will be in IETF last call shortly. The WG follows IETF rules.
a quick word about DNS - DNSSEC and DNSIND are being merged; they're
trying to get their documents out the door.
SNTP - no meeting
need help - document editor.
Presentation:
Integrity Aware PCBC Encryption Schemes
Virgil Gligor <gligor@eng.umd.edu>, U of Maryland EECS
this work recommended by Steve Bellovin; goal is an integrity check
and encryption in one pass over the data. It is patented, but may be
made available for royalty-free license. Paper will be made available
on the web.
Open Mike Time - Jeff Schiller
Bill Simpson - NASREQ is doing a lot of the same kind of security
considerations that IPSRA wants to do; NASREQ has already done them.
There will be a dinner to hash over security requirements between
these two, and two other WGs.
Last night's plenary discussion about Wiretapping Protocols made the NYT.
meeting adjourned.