agenda for ietf 55 ipseckey bof ipsec keying information
play

Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information - PowerPoint PPT Presentation

May 14, 2023 •157 likes •308 views

Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information resource record BOF AGENDA: 1. Open meeting and welcome 2. Scribe and blue sheetOlafur Gudmundsson 3. IntroductionMichael Richardson 4. Documents 4.1 Why the KEY

  1. Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information resource record BOF

  2. AGENDA: 1. Open meeting and welcome 2. Scribe and blue sheet�Olafur Gudmundsson 3. Introduction��Michael Richardson 4. Documents 4.1 Why the KEY record was restricted to only DNSSEC keys. Scott Rose see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt 4.2 A method for storing IPsec keying material in DNS. draft-richardson-ipsec-rr-00.txt Michael Richardson 5. open mike 6. Next step.���Olafur Gudmundsson 7. Charter discussion��Olafur Gudmundsson 8. schedule discussion

  3. Mailing list info LIST: ipseckey@sandelman.ottawa.on.ca Archive: http://www.sandelman.ca/lists/html/ipseckey/threads.html email to: majordomo@sandelman.ottawa.on.ca body "subscribe ipseckey"

  4. 2. Blue Sheet

  5. 3. Introduction What we need for Opportunistic Encryption: see draft-richardson-ipsec-opportunistic-10.txt the public key (RSA) of the remote system the IP address (v4 or v6) of the gateway self if in host mode we need this data indexed by IP address, i.e. we need it in in-addr.arpa.

  6. 4. Documents 4.1 Why the KEY record was restricted to only DNSSEC keys. Scott Rose see draft-ietf-dnsext-restrict-key-for-dnssec-04.txt 4.2 A method for storing IPsec keying material in DNS. draft-richardson-ipsec-rr-00.txt Michael Richardson

  7. Scott Rose Why the KEY record was restricted to only DNSSEC keys. draft-ietf-dnsext-restrict-key-for-dnssec-04.txt

  8. initial proposal new resource record type a series of type-length-value pairs currently is extensible (too flexible?)

  9. RR contents A method for storing IPsec keying material in DNS.

  10. Definitions for field types: 0�no more fields 1�priority of this entry 2�IPv4 address of the gateway for this host 3�IPv6 address of the gateway for this host 4�FQDN of the gateway for this host 5�RSA public key for the gateway

  11. 5. open mike

  12. 6. Next steps� Olafur Gudmundsson

  13. 7. Charter discussion�� Olafur Gudmundsson

  14. 8. schedule discussion

  15. IPSEC KEYing information resource record Working group info ipseckey@sandelman.ottawa.on.ca email to: majordomo@sandelman.ottawa.on.ca body "subscribe ipseckey" Drafts: draft-ietf-dnsext-restrict-key-for-dnssec-04.txt draft-richardson-ipsec-rr-00.txt

Recommend

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti , ldondeti@qualcomm.com IETF-67 San Diego, CA November 2006 Contents EAP keying

614 views • 15 slides
Introduction to IPsec Charlie Kaufman charliek@microsoft.com 1 IP Security (IPsec) IETF

Introduction to IPsec Charlie Kaufman charliek@microsoft.com 1 IP Security (IPsec) IETF

Introduction to IPsec Charlie Kaufman charliek@microsoft.com 1 IP Security (IPsec) IETF standard for Network Layer security Popular for creating trusted link (VPN), either firewall-firewall, or machine to firewall Done at

868 views • 51 slides
802.1X & EAP & Keying 802.1 Status Update Paul Congdon Hewlett Packard March 2003 IETF

802.1X & EAP & Keying 802.1 Status Update Paul Congdon Hewlett Packard March 2003 IETF

802.1X & EAP & Keying 802.1 Status Update Paul Congdon Hewlett Packard March 2003 IETF 56, San Francisco, CA 1 The Work Going On Several specifications MUST align to enable a working implementations: IEEE 802.1aa (update

554 views • 7 slides
MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY

MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY

IETF-52, SLC Key Management for Multimedia Sessions <draft-carrara-mm-kmgt-sol-00.txt> <draft-blom-mm-kmgt-00.txt> MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY IETF-52, SLC

194 views • 16 slides
Uses of IPSEC with VPNs VPNs Uses of IPSEC with Purpose Outline some scenarios where IPSEC

Uses of IPSEC with VPNs VPNs Uses of IPSEC with Purpose Outline some scenarios where IPSEC

Uses of IPSEC with VPNs VPNs Uses of IPSEC with Purpose Outline some scenarios where IPSEC can be used with VPNs Identify areas where extensions to IPSEC could be useful Bryan Gleeson, Page-1 VPN Reference Model CE CE PE

352 views • 9 slides
Use of IKEv2 and IPsec with Multiple CoA support MONAMI6 WG, IETF 68 Vijay Devarapalli

Use of IKEv2 and IPsec with Multiple CoA support MONAMI6 WG, IETF 68 Vijay Devarapalli

Use of IKEv2 and IPsec with Multiple CoA support MONAMI6 WG, IETF 68 Vijay Devarapalli (vijay.devarapalli@azairenet.com) Assumptions in RFC 3775, 3963 There is only one primary care-of address per mobile node The primary care-of

240 views • 7 slides
IPSEC VPN overview IPSEC VPN overview Basic VPN Architecture CPE/CLE CPE/CLE PE

IPSEC VPN overview IPSEC VPN overview Basic VPN Architecture CPE/CLE CPE/CLE PE

IPSEC VPN overview IPSEC VPN overview Basic VPN Architecture CPE/CLE CPE/CLE PE PE CPE/CLE Host PE CPE to CPE IPSEC can be used for : PE to PE PE to CPE Bryan Gleeson, Page-1 CPE to CPE IPSEC tunnels

680 views • 8 slides
Labeled IPsec draft-jml-ipsec-ikev1-security-context-00.txt

Labeled IPsec draft-jml-ipsec-ikev1-security-context-00.txt

Labeled IPsec draft-jml-ipsec-ikev1-security-context-00.txt draft-jml-ipsec-ikev2-security-context-00.txt Presented by: Joy Latten Document authors: Serge Hallyn, Trent Jaeger, Joy Latten, and George Wilson Problem Description Mandatory

295 views • 6 slides
Ipsec unter Linux 2.6 Einleitung: Die native IPsec Implementierung im Linux Kernel ab

Ipsec unter Linux 2.6 Einleitung: Die native IPsec Implementierung im Linux Kernel ab

Ipsec unter Linux 2.6 Einleitung: Die native IPsec Implementierung im Linux Kernel ab Version 2.5.47 basiert auf dem USAGI Projekt. Hierbei handelt es sich um eine alternative Implementierung des IPsec Stacks zum FreeS/WAN Projekt.

610 views • 8 slides
THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec

THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec

THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec based VPN solution Make encryption the default mode of communication Certifjcations (FIPS, Common Criteria, USGv6, etc.)

917 views • 25 slides
2N02 Aufbau eines VPNs mit IPsec Andreas Aurand Compaq Solution and Service Center Agenda

2N02 Aufbau eines VPNs mit IPsec Andreas Aurand Compaq Solution and Service Center Agenda

2N02 Aufbau eines VPNs mit IPsec Andreas Aurand Compaq Solution and Service Center Agenda IPsec Konfiguration unter IOS Konfiguration der ISAKMP Protection Suite Konfiguration der IPsec Protection Suite "Cisco VPN

359 views • 25 slides
Yasser F. O. Mohammad REMIDER 1: IPSec Uses REMINDER 2: IPSec Services Access control

Yasser F. O. Mohammad REMIDER 1: IPSec Uses REMINDER 2: IPSec Services Access control

Yasser F. O. Mohammad REMIDER 1: IPSec Uses REMINDER 2: IPSec Services Access control Connectionless integrity Data origin authentication Rejection of replayed packets a form of partial sequence integrity Confidentiality

818 views • 37 slides
lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending -

lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending -

lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending - chroma keying revisited: "pulling a matte" Organization of Course 1: Viewing transformations 2: Visibility, geometry modelling 3:

685 views • 41 slides
Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and

Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and

Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and Linux Contents Introduction Highly Scalable Linux Network Stack Netfilter Hooks Packet selection based on IP Tables The Connection Tracking

444 views • 9 slides
IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107 and IETF 108. This report presents a summary of activities. More detailed information on many of the topics is also available at https://www.iab.org

205 views • 3 slides
OPPORTUNISTIC ENCRYPTION USING IPSEC Linux Security Summit, Toronto August 2016 Presented by

OPPORTUNISTIC ENCRYPTION USING IPSEC Linux Security Summit, Toronto August 2016 Presented by

OPPORTUNISTIC ENCRYPTION USING IPSEC Linux Security Summit, Toronto August 2016 Presented by Paul Wouters, RHEL Security THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec based VPN solution

736 views • 32 slides
IoT Roadmap in the IETF Ines Robles - 2017 maria.ines.robles@ericsson.com Agenda IETF and IoT

IoT Roadmap in the IETF Ines Robles - 2017 maria.ines.robles@ericsson.com Agenda IETF and IoT

IoT Roadmap in the IETF Ines Robles - 2017 maria.ines.robles@ericsson.com Agenda IETF and IoT Definitions IETF IoT WGs Internet Area: 6lo, 6tisch, lpwan, lwig, ipwave Routing Area: roll Application and Real Time Area: core Security Area:

920 views • 72 slides
Requirements for IPsec Negotiation in the SIP Framework

Requirements for IPsec Negotiation in the SIP Framework

Requirements for IPsec Negotiation in the SIP Framework draft-saito-mmusic-ipsec-negotiation-req-00.txt August 1, 2005 Makoto Saito (ma.saito@ntt.com) Shingo Fujimoto (shingo_fujimoto@jp.fujitsu.com) 1 Motivation To secure communication

83 views • 6 slides
Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of Sciences Nickolay Pakoulin npak@ispras.ru Agenda Work Background Specification based testing in IPsec Discussion Future work The work

578 views • 30 slides
IKEv2: IPSec Key Management Protocol Lecture 20 Acknowledgement: Slides from Vincent Luk, revised

IKEv2: IPSec Key Management Protocol Lecture 20 Acknowledgement: Slides from Vincent Luk, revised

IKEv2: IPSec Key Management Protocol Lecture 20 Acknowledgement: Slides from Vincent Luk, revised by Cunsheng Ding IP Security Architecture IPSec module 1 IPSec module 2 SPD SPD IKE IKE AH/ESP AH/ESP SAD SAD SA IKE: Internet Key

702 views • 26 slides
IETF 87 Administrative Plenary 1 Agenda 1. Welcome 2. Introducing the sponsors 3. Reporting

IETF 87 Administrative Plenary 1 Agenda 1. Welcome 2. Introducing the sponsors 3. Reporting

IETF 87 Administrative Plenary 1 Agenda 1. Welcome 2. Introducing the sponsors 3. Reporting - IETF Chair - IAOC Chair and IAD - IETF Trust Chair - NomCom Chair 4. Postel Award 5. Recognition 6. More reporting - Diversity team - Open

385 views • 16 slides
EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF

940 views • 7 slides
Reliable Multicast Transport (RMT) WG rmt@ietf.org 63rd IETF -- Paris, France Mon, August 1,

Reliable Multicast Transport (RMT) WG rmt@ietf.org 63rd IETF -- Paris, France Mon, August 1,

Reliable Multicast Transport (RMT) WG rmt@ietf.org 63rd IETF -- Paris, France Mon, August 1, 2005 Lorenzo Vicisano lorenzo@cisco.com Remember to look for A Minute-taker .. thanks! Agenda Introduction Agenda Bashing

486 views • 11 slides
TEAS Working Group Online Agenda and Slides at: http://tools.ietf.org/wg/teas/agenda Data

TEAS Working Group Online Agenda and Slides at: http://tools.ietf.org/wg/teas/agenda Data

TEAS Working Group Online Agenda and Slides at: http://tools.ietf.org/wg/teas/agenda Data tracker: http://datatracker.ietf.org/wg/teas/ Tools page: http://tools.ietf.org/wg/teas IETF 93 - TEAS Working Group 1 IETF Note Well This summary is

376 views • 9 slides

More recommend