From owner-ietf-ipsra@mail.vpnc.org Mon Oct 7 18:30:37 2002 Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA08625 for ; Mon, 7 Oct 2002 18:30:37 -0400 (EDT) Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g97MCo128347 for ietf-ipsra-bks; Mon, 7 Oct 2002 15:12:50 -0700 (PDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g97MCnv28342 for ; Mon, 7 Oct 2002 15:12:49 -0700 (PDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA07939; Mon, 7 Oct 2002 18:10:45 -0400 (EDT) Message-Id: <200210072210.SAA07939@ietf.org> To: IETF-Announce: ; Cc: RFC Editor , Internet Architecture Board , ietf-ipsra@vpnc.org From: The IESG Subject: Document Action: Requirements for IPsec Remote Access Scenarios to Informational Date: Mon, 07 Oct 2002 18:10:45 -0400 Sender: owner-ietf-ipsra@mail.vpnc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: The IESG has approved the Internet-Draft 'Requirements for IPsec Remote Access Scenarios' as an Informational RFC. This document is the product of the IP Security Remote Access Working Group. The IESG contact persons are Jeff Schiller and Steve Bellovin. From owner-ietf-ipsra@mail.vpnc.org Thu Oct 10 07:38:34 2002 Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA29051 for ; Thu, 10 Oct 2002 07:38:33 -0400 (EDT) Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g9ABKTA25194 for ietf-ipsra-bks; Thu, 10 Oct 2002 04:20:29 -0700 (PDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g9ABKSv25190 for ; Thu, 10 Oct 2002 04:20:28 -0700 (PDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA28467; Thu, 10 Oct 2002 07:18:04 -0400 (EDT) Message-Id: <200210101118.HAA28467@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ipsra@vpnc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ipsra-pic-06.txt Date: Thu, 10 Oct 2002 07:18:04 -0400 Sender: owner-ietf-ipsra@mail.vpnc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Remote Access Working Group of the IETF. Title : PIC, A Pre-IKE Credential Provisioning Protocol Author(s) : Y. Sheffer, H. Krawczyk, B. Aboba Filename : draft-ietf-ipsra-pic-06.txt Pages : 30 Date : 2002-10-9 This document presents a Pre-IKE Credential (PIC) provisioning protocol. PIC is a method to bootstrap IPsec authentication via an 'Authentication Server' (AS) and user authentication mechanisms such as RADIUS. PIC happens before IKE (the Internet Key Exchange protocol). The client machine communicates with the AS using a key exchange protocol where only the server is authenticated, and the derived keys are used to protect the user authentication. Once the user is authenticated, the client machine obtains credentials from the AS that can be later used to authenticate the client in a standard IKE exchange, with no user intervention. The proposed key exchange is based on ISAKMP (the Internet Security Association and Key Management Protocol), similar to a simplified IKE exchange. Arbitrary user authentication is supported via the use of EAP (the PPP Extensible Authentication Protocol). A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ipsra-pic-06.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ipsra-pic-06.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ipsra-pic-06.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2002-10-9145054.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ipsra-pic-06.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ipsra-pic-06.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2002-10-9145054.I-D@ietf.org> --OtherAccess-- --NextPart--