Protocol Action: 'Guidelines for Cryptographic Key Management' to BCP

The IESG has approved the following document:

- 'Guidelines for Cryptographic Key Management'
   <draft-bellovin-mandate-keymgmt-03.txt> as a BCP

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Sam Hartman.

Technical Summary
 
   The question often arises of whether or not a given security system
   requires some form of automated key management, or whether manual
   keying is sufficient.  This memo proposes guidelines for making such
   decisions.  The presumption is that when symmetric cryptographic
   mechanisms are used in a protocol, then automated key management is
   generally but not always needed.  If manual keying is proposed, the
   burden of proving that automated key management is not required falls
   to the proposer.
 
Working Group Summary
 
   While this specification is not the product of an IETF working
   group, it has been reviewed in the SAAG.  There was significant
   support for publication in SAAG.  Comments from the SAAG review have
   been incorporated into the specification.
 
Protocol Quality
 
   This document has been reviewed by Sam Hartman for the IESG.

RFC Editor Note

 In the abstract:
 s/proposes/provides/
 old:
    keying is sufficient.  This memo proposes guidelines for making such
 new:
    keying is sufficient.  This memo provides guidelines for making such

 section 2:
 old:
    In general, automated key management SHOULD be used to establish
    session keys.  This is a very strong "SHOULD", meaning the
    justification is needed in the security considerations section of a
    proposal that makes use of manual key management.
 new:
    In general, automated key management SHOULD be used to establish
    session keys.  Justification is needed in the security considerations
    section of a proposal that makes use of manual key management.

 Section 2.2:

 s/is/may be/
 old:
    Manual key management is a reasonable approach in any of these
    situations:
 new:
    Manual key management may be a reasonable approach in any of these
    situations:

IANA Note

  No IANA actions are required by this document.


_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
