CDB-041110-1 Chris Bonatti (IECA, Inc.) Tel: (+1) 301-548-9569 Proposed PKI4IPSEC Certificate Management Requirements Document IETF #61 – PKI4IPSEC Working.

Presentation transcript:

Chris Bonatti (IECA, Inc.) Tel: (+1)
Proposed PKI4IPSEC Certificate Management Requirements Document
IETF #61 – PKI4IPSEC Working Group
10 November 2004 – Washington, DC

Status of Draft
Publication history:
  – draft-dploy-requirements MAR
  – draft-bonatti-pki4ipsec-profile-reqts JAN-30
  – draft-bonatti-pki4ipsec-profile-reqts JUL-19
  – draft-ietf-pki4ipsec-mgmt-profile-rqts AUG-4
  – draft-ietf-pki4ipsec-mgmt-profile-rqts OCT-25
August 4 version was substantially the same as July 19 version.
October 25 version addresses text comments identified around IETF #60.
We’re not nearly finished.

Document Structure
1. Introduction
2. Architecture
  – VPN System (VPN Peers & VPN Admin)
  – PKI System (CA, RA, Repository)
  – VPN-PKI interaction (steps in certificate life cycle)
3. Requirements
  – Subsections address different requirement areas
4. Security Considerations
Annexes
A. References
B. Acknowledgements
C. Editor's Address
D. Summary of Requirements
  Plan to include a summary table similar to those in RFCs 1122, 1123, and
E. Change History

Section 3 Subsections
3.1 General Requirements
3.2 Authorization Transactions
3.3 Key Generation and PKC Request Construction
3.4 Enrollment (Sending Request and PKC Retrieval)
3.5 PKC Profile for PKI Interaction
3.6 PKC Renewals and Changes
3.7 Finding PKCs in Repositories
3.8 Revocation Action
3.9 Revocation Checking and Status Information

Changes to Draft
Numerous editorial changes:
  – Acronym fixes
  – Clarification of PKC Change definition
  – Rearranged and consolidated references
  – Clarified what “off-line” communication (out of band) entails.

Issues
Need to add more clarity on the makeup of the registration “template”.
Should the VPN Peer be able to cancel a pre-authorization in addition to the Admin?
Need to clarify error handling for the pre-enrollment process.
Lots of editorial holes to be filled, but the issues are less granular.

Way Forward
Issue log was created previously. This is more of an editorial work list than technical issues.
New issue tracker: –
Work through issue log, discussing open issues on the list.
Issues will gradually migrate to the tracker.

Questions?