From btns-bounces@ietf.org Tue Nov 4 00:09:36 2008 Return-Path: X-Original-To: btns-archive-1@ietf.org Delivered-To: ietfarch-btns-archive-1@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E3A623A6962; Tue, 4 Nov 2008 00:09:36 -0800 (PST) X-Original-To: btns@ietf.org Delivered-To: btns@core3.amsl.com Received: by core3.amsl.com (Postfix, from userid 0) id 0D2FC3A6AE7; Sun, 2 Nov 2008 20:00:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20081103040002.0D2FC3A6AE7@core3.amsl.com> Date: Sun, 2 Nov 2008 20:00:02 -0800 (PST) X-Mailman-Approved-At: Tue, 04 Nov 2008 00:09:35 -0800 Cc: btns@ietf.org Subject: [btns] I-D Action:draft-ietf-btns-abstract-api-02.txt X-BeenThere: btns@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Better-Than-Nothing-Security Working Group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: btns-bounces@ietf.org Errors-To: btns-bounces@ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Better-Than-Nothing Security Working Group of the IETF. Title : An abstract interface between applications and IPsec Author(s) : M. Richardson Filename : draft-ietf-btns-abstract-api-02.txt Pages : 23 Date : 2008-11-02 This document explains in the abstract (no language bindings are provided) how an application may learn that IPsec has been applied to a conversation or specify that IPsec should be used. Though this is useful in general it is particularly useful for applications that wish to use BTNS (Better Than Nothing Security -- a mode of IPsec keying), either in conjunction with channel binding or otherwise. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-btns-abstract-api-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-btns-abstract-api-02.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2008-11-02195923.I-D@ietf.org> --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ btns mailing list btns@ietf.org https://www.ietf.org/mailman/listinfo/btns --NextPart-- From btns-bounces@ietf.org Tue Nov 4 00:09:37 2008 Return-Path: X-Original-To: btns-archive-1@ietf.org Delivered-To: ietfarch-btns-archive-1@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 09B963A698B; Tue, 4 Nov 2008 00:09:37 -0800 (PST) X-Original-To: btns@ietf.org Delivered-To: btns@core3.amsl.com Received: by core3.amsl.com (Postfix, from userid 0) id 1BDEA3A67F0; Mon, 3 Nov 2008 00:45:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20081103084502.1BDEA3A67F0@core3.amsl.com> Date: Mon, 3 Nov 2008 00:45:02 -0800 (PST) X-Mailman-Approved-At: Tue, 04 Nov 2008 00:09:35 -0800 Cc: btns@ietf.org Subject: [btns] I-D Action:draft-ietf-btns-connection-latching-08.txt X-BeenThere: btns@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Better-Than-Nothing-Security Working Group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: btns-bounces@ietf.org Errors-To: btns-bounces@ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Better-Than-Nothing Security Working Group of the IETF. Title : IPsec Channels: Connection Latching Author(s) : N. Williams Filename : draft-ietf-btns-connection-latching-08.txt Pages : 28 Date : 2008-11-03 This document specifies, abstractly, how to interface applications and transport protocols with IPsec so as to create "channels" by latching "connections" (packet flows) to certain IPsec Security Association (SA) parameters for the lifetime of the connections. Connection latching is layered on top of IPsec and does not modify the underlying IPsec architecture. Connection latching can be used to protect applications against accidentally exposing live packet flows to unintended peers, whether as the result of a reconfiguration of IPsec or as the result of using weak peer identity to peer address associations. Weak association of peer ID and peer addresses is at the core of Better Than Nothing Security (BTNS), thus connection latching can add a significant measure of protection to BTNS IPsec nodes. Finally, the availability of IPsec channels will make it possible to use channel binding to IPsec channels. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-btns-connection-latching-08.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-btns-connection-latching-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2008-11-03003508.I-D@ietf.org> --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ btns mailing list btns@ietf.org https://www.ietf.org/mailman/listinfo/btns --NextPart-- From btns-bounces@ietf.org Mon Nov 17 08:01:11 2008 Return-Path: X-Original-To: btns-archive-1@ietf.org Delivered-To: ietfarch-btns-archive-1@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED16B3A6A3B; Mon, 17 Nov 2008 08:01:11 -0800 (PST) X-Original-To: btns@core3.amsl.com Delivered-To: btns@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8431028C180; Fri, 14 Nov 2008 13:42:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.239 X-Spam-Level: X-Spam-Status: No, score=-17.239 tagged_above=-999 required=5 tests=[AWL=-0.240, BAYES_00=-2.599, J_CHICKENPOX_93=0.6, USER_IN_DEF_WHITELIST=-15] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E72FIG9th-lW; Fri, 14 Nov 2008 13:42:14 -0800 (PST) Received: from bosco.isi.edu (bosco.isi.edu [128.9.168.207]) by core3.amsl.com (Postfix) with ESMTP id BED1428B797; Fri, 14 Nov 2008 13:42:14 -0800 (PST) Received: by bosco.isi.edu (Postfix, from userid 70) id 4CA53175004; Fri, 14 Nov 2008 13:42:15 -0800 (PST) To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org From: rfc-editor@rfc-editor.org Message-Id: <20081114214215.4CA53175004@bosco.isi.edu> Date: Fri, 14 Nov 2008 13:42:15 -0800 (PST) X-Mailman-Approved-At: Mon, 17 Nov 2008 08:01:10 -0800 Cc: btns@ietf.org, rfc-editor@rfc-editor.org Subject: [btns] RFC 5386 on Better-Than-Nothing Security: An Unauthenticated Mode of IPsec X-BeenThere: btns@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Better-Than-Nothing-Security Working Group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: btns-bounces@ietf.org Errors-To: btns-bounces@ietf.org A new Request for Comments is now available in online RFC libraries. RFC 5386 Title: Better-Than-Nothing Security: An Unauthenticated Mode of IPsec Author: N. Williams, M. Richardson Status: Standards Track Date: November 2008 Mailbox: Nicolas.Williams@sun.com, mcr@sandelman.ottawa.on.ca Pages: 11 Characters: 23103 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-btns-core-07.txt URL: http://www.rfc-editor.org/rfc/rfc5386.txt This document specifies how to use the Internet Key Exchange (IKE) protocols, such as IKEv1 and IKEv2, to setup "unauthenticated" security associations (SAs) for use with the IPsec Encapsulating Security Payload (ESP) and the IPsec Authentication Header (AH). No changes to IKEv2 bits-on-the-wire are required, but Peer Authorization Database (PAD) and Security Policy Database (SPD) extensions are specified. Unauthenticated IPsec is herein referred to by its popular acronym, "BTNS" (Better-Than-Nothing Security). [STANDARDS TRACK] This document is a product of the Better-Than-Nothing Security Working Group of the IETF. This is now a Proposed Standard Protocol. STANDARDS TRACK: This document specifies an Internet standards track protocol for the Internet community,and requests discussion and suggestions for improvements. Please refer to the current edition of the Internet Official Protocol Standards (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see http://www.ietf.org/mailman/listinfo/ietf-announce http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html. For downloading RFCs, see http://www.rfc-editor.org/rfc.html. Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team USC/Information Sciences Institute _______________________________________________ btns mailing list btns@ietf.org https://www.ietf.org/mailman/listinfo/btns From btns-bounces@ietf.org Mon Nov 17 08:01:12 2008 Return-Path: X-Original-To: btns-archive-1@ietf.org Delivered-To: ietfarch-btns-archive-1@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 122C428C0FE; Mon, 17 Nov 2008 08:01:12 -0800 (PST) X-Original-To: btns@core3.amsl.com Delivered-To: btns@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 975FD28C1CB; Fri, 14 Nov 2008 13:42:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.499 X-Spam-Level: X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, USER_IN_DEF_WHITELIST=-15] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B64bSdaQnrB8; Fri, 14 Nov 2008 13:42:32 -0800 (PST) Received: from bosco.isi.edu (bosco.isi.edu [128.9.168.207]) by core3.amsl.com (Postfix) with ESMTP id B428228C1C9; Fri, 14 Nov 2008 13:42:32 -0800 (PST) Received: by bosco.isi.edu (Postfix, from userid 70) id 42037175006; Fri, 14 Nov 2008 13:42:33 -0800 (PST) To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org From: rfc-editor@rfc-editor.org Message-Id: <20081114214233.42037175006@bosco.isi.edu> Date: Fri, 14 Nov 2008 13:42:33 -0800 (PST) X-Mailman-Approved-At: Mon, 17 Nov 2008 08:01:10 -0800 Cc: btns@ietf.org, rfc-editor@rfc-editor.org Subject: [btns] RFC 5387 on Problem and Applicability Statement for Better-Than-Nothing Security (BTNS) X-BeenThere: btns@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Better-Than-Nothing-Security Working Group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: btns-bounces@ietf.org Errors-To: btns-bounces@ietf.org A new Request for Comments is now available in online RFC libraries. RFC 5387 Title: Problem and Applicability Statement for Better-Than-Nothing Security (BTNS) Author: J. Touch, D. Black, Y. Wang Status: Informational Date: November 2008 Mailbox: touch@isi.edu, black_david@emc.com, yu-shun.wang@microsoft.com Pages: 28 Characters: 71707 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-btns-prob-and-applic-07.txt URL: http://www.rfc-editor.org/rfc/rfc5387.txt The Internet network security protocol suite, IPsec, requires authentication, usually of network-layer entities, to enable access control and provide security services. This authentication can be based on mechanisms such as pre-shared symmetric keys, certificates with associated asymmetric keys, or the use of Kerberos (via Kerberized Internet Negotiation of Keys (KINK)). The need to deploy authentication information and its associated identities can be a significant obstacle to the use of IPsec. This document explains the rationale for extending the Internet network security protocol suite to enable use of IPsec security services without authentication. These extensions are intended to protect communication, providing "better-than-nothing security" (BTNS). The extensions may be used on their own (this use is called Stand-Alone BTNS, or SAB) or may be used to provide network-layer security that can be authenticated by higher layers in the protocol stack (this use is called Channel-Bound BTNS, or CBB). The document also explains situations for which use of SAB and/or CBB extensions are applicable. This memo provides information for the Internet community. This document is a product of the Better-Than-Nothing Security Working Group of the IETF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see http://www.ietf.org/mailman/listinfo/ietf-announce http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html. For downloading RFCs, see http://www.rfc-editor.org/rfc.html. Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team USC/Information Sciences Institute _______________________________________________ btns mailing list btns@ietf.org https://www.ietf.org/mailman/listinfo/btns