attachment-0001
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1252">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=230073422-12072003>Hi
all,</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=230073422-12072003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=230073422-12072003>I have
just received the following request to the WG to classify the security
features supported in our protocol according to the schema/questions
below.</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=230073422-12072003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=230073422-12072003>I
assume we need to give a little more details than just stating that we support
SSL/TLS.</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=230073422-12072003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=230073422-12072003>Can
somebody help me out with this so we get it rigth? We should then run the
proposed answer on the IPP DL before sending it back to the IETF, so that
we know we all agree on the content.</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=230073422-12072003></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=230073422-12072003>Carl-Uno</SPAN></FONT></DIV>
<DIV> </DIV>
<P><FONT size=2>Carl-Uno Manros<BR>700 Carnegie Street #3724<BR>Henderson, NV
89052, USA<BR>Tel +1-702-617-9414<BR>Fax +1-702-617-9417<BR>Mob
+1-702-525-0727<BR>Email carl@manros.com<BR>Web
www.manros.com</FONT> </P>
<DIV> </DIV>
<DIV class=OutlookMessageHeader><FONT face="Times New Roman"
size=2>-----Original Message-----<BR><B>From:</B> owner-wgchairs@ietf.org
[mailto:owner-wgchairs@ietf.org] <B>On Behalf Of</B>
Charlie_Kaufman@notesdev.ibm.com<BR><B>Sent:</B> Thursday, July 10, 2003 7:40
PM<BR><B>To:</B> wgchairs@ietf.org<BR><B>Subject:</B> Security Survey for
wgchairs from IAB<BR><BR></FONT></DIV><BR><FONT face=sans-serif size=2>First let
me apologize for sending this during the crunch before an IETF meeting. If you
don't manage to respond immediately, that's OK; I'll bug you again. Possibly
even in person.</FONT> <BR><BR><FONT face=sans-serif size=2>Jim Kempf and I were
tasked with doing a survey of IETF working groups to find out whether and how
they are using the security mechanisms coming out of the security area. The goal
is to figure out whether the right tools are being made available and whether
how to use them is being communicated. This first attempt at a survey form is
designed to be easy to fill out - particularly for working groups for which
security is not particularly relevant - so we can figure out who we need to
follow up with with more detailed questions. While we would encourage
people to tell us as much as they feel is useful, a quick and incomplete
response would be helpful as well.</FONT> <BR><BR><FONT face=sans-serif
size=2>The questions are still being debugged. Some may make no sense in some
contexts. Feel free to flame us about that. Your working group may be working on
sufficiently diverse things that it makes more sense to respond separately for
different work areas. If so, feel free. We assume that specs talk about some
representation of data and some "remote" source and/or sink of that data. Not
all do. Bear with us.</FONT> <BR><BR><FONT face=sans-serif size=2>Please send
responses to ckaufman@us.ibm.com and kempf@docomolabs-usa.com</FONT>
<BR><BR><FONT face=sans-serif size=2>Thanks for your help!</FONT> <BR><BR><FONT
face=sans-serif size=2>1) Identification and Authentication: If the technology
of this WG has a concept of things it talks to or about, how are they named and
authenticated?</FONT> <BR><BR><FONT face=sans-serif size=2>Identification of
users or administrators by: text string( ); DNS name( ); rfc822
name( ); UID( ); CN( ): DN( ); Other ( )
</FONT><BR><FONT face=sans-serif size=2>Identification of remote endpoints by:
text string( ); DNS name( ); IP address( ); Link layer
address( ); </FONT><BR><FONT face=sans-serif size=2>
rfc822 name( ); UID( ); OID( );
Other( )</FONT> <BR><FONT face=sans-serif size=2>Identification of data in
a hierarchy by: text string( ); SNMP( ); UID( ); OID( );
Other( )</FONT> <BR><BR><FONT face=sans-serif size=2>Authentication of
users or administrators using passwords( ); reference to other specs(
); cryptographic algorithms( ); Other( );</FONT> <BR><FONT
face=sans-serif size=2> What other specs:</FONT> <BR><FONT
face=sans-serif size=2> What cryptographic algorithms:</FONT>
<BR><BR><FONT face=sans-serif size=2>Authentication of remote endpoints using
passwords( ); IP addresses( ); Link Layer addresses(
);</FONT> <BR><FONT face=sans-serif size=2>
reference to other specs( ); cryptographic
algorithms( ); Other( )</FONT> <BR><FONT face=sans-serif
size=2> What other specs:</FONT> <BR><FONT face=sans-serif
size=2> What cryptographic algorithms:</FONT> <BR><BR><FONT
face=sans-serif size=2>2) Protecting data while being transferred and/or
stored:</FONT> <BR><BR><FONT face=sans-serif size=2>Protecting data by passing
it over SSL and/or TLS ( )</FONT> <BR><FONT face=sans-serif
size=2>Protecting data by passing it over IPsec ( )</FONT> <BR><FONT
face=sans-serif size=2>Protecting data by encoding it with PKCS-7 / CMS / S/MIME
( )</FONT> <BR><FONT face=sans-serif size=2>Protecting data using XML
Signing and/or Encryption ( )</FONT> <BR><FONT face=sans-serif
size=2>Protecting data defined by referencing other specs ( )</FONT>
<BR><FONT face=sans-serif size=2>Protecting data with other cryptographic
mechanisms ( )</FONT> <BR><BR><FONT face=sans-serif size=2>3)
Provisioning/Configuration of security information (keys, user names, system
names)</FONT> <BR><FONT face=sans-serif size=2> By
unspecified out of band mechanism ( )</FONT> <BR><FONT face=sans-serif
size=2> Referencing another spec ( ) Which?</FONT>
<BR><FONT face=sans-serif size=2> Specifies a protocol for
doing this ( )</FONT> <BR></BODY></HTML>