Hi all,
I have just received the following request to the WG to classify the
security features supported in our protocol according to the
schema/questions below.
I assume we need to give a little more details than just stating that we
support SSL/TLS.
Can somebody help me out with this so we get it rigth? We should then run
the proposed answer on the IPP DL before sending it back to the IETF, so
that we know we all agree on the content.
Carl-Uno
Carl-Uno Manros
700 Carnegie Street #3724
Henderson, NV 89052, USA
Tel +1-702-617-9414
Fax +1-702-617-9417
Mob +1-702-525-0727
Email carl@manros.com
Web www.manros.com
-----Original Message-----
From: owner-wgchairs@ietf.org [mailto:owner-wgchairs@ietf.org] On Behalf Of
Charlie_Kaufman@notesdev.ibm.com
Sent: Thursday, July 10, 2003 7:40 PM
To: wgchairs@ietf.org
Subject: Security Survey for wgchairs from IAB
First let me apologize for sending this during the crunch before an IETF
meeting. If you don't manage to respond immediately, that's OK; I'll bug you
again. Possibly even in person.
Jim Kempf and I were tasked with doing a survey of IETF working groups to
find out whether and how they are using the security mechanisms coming out
of the security area. The goal is to figure out whether the right tools are
being made available and whether how to use them is being communicated. This
first attempt at a survey form is designed to be easy to fill out -
particularly for working groups for which security is not particularly
relevant - so we can figure out who we need to follow up with with more
detailed questions. While we would encourage people to tell us as much as
they feel is useful, a quick and incomplete response would be helpful as
well.
The questions are still being debugged. Some may make no sense in some
contexts. Feel free to flame us about that. Your working group may be
working on sufficiently diverse things that it makes more sense to respond
separately for different work areas. If so, feel free. We assume that specs
talk about some representation of data and some "remote" source and/or sink
of that data. Not all do. Bear with us.
Please send responses to ckaufman@us.ibm.com and kempf@docomolabs-usa.com
Thanks for your help!
1) Identification and Authentication: If the technology of this WG has a
concept of things it talks to or about, how are they named and
authenticated?
Identification of users or administrators by: text string( ); DNS name( );
rfc822 name( ); UID( ); CN( ): DN( ); Other ( )
Identification of remote endpoints by: text string( ); DNS name( ); IP
address( ); Link layer address( );
rfc822 name( ); UID( ); OID( ); Other( )
Identification of data in a hierarchy by: text string( ); SNMP( );
ID( ); OID( ); Other( )
Authentication of users or administrators using passwords( ); reference to
other specs( ); cryptographic algorithms( ); Other( );
What other specs:
What cryptographic algorithms:
Authentication of remote endpoints using passwords( ); IP addresses( );
Link Layer addresses( );
reference to other specs( ); cryptographic algorithms( );
Other( )
What other specs:
What cryptographic algorithms:
2) Protecting data while being transferred and/or stored:
Protecting data by passing it over SSL and/or TLS ( )
Protecting data by passing it over IPsec ( )
Protecting data by encoding it with PKCS-7 / CMS / S/MIME ( )
Protecting data using XML Signing and/or Encryption ( )
Protecting data defined by referencing other specs ( )
Protecting data with other cryptographic mechanisms ( )
3) Provisioning/Configuration of security information (keys, user names,
system names)
By unspecified out of band mechanism ( )
Referencing another spec ( ) Which?
Specifies a protocol for doing this ( )
This archive was generated by hypermail 2b29 : Sat Jul 12 2003 - 18:43:20 EDT