A new IETF working group has been proposed in the Security Area. The IESG has not made any determination as yet. The following description was submitted, and is provided for informational purposes only. Please send your comments to the IESG mailing list (iesg@ietf.org) by March 16. +++ Better-Than-Nothing Security (btns) =================================== Current Status: Proposed Working Group DESCRIPTION: Current Internet Protocol security protocol (IPsec) and Internet Key Exchange protocol (IKE) present somewhat of an all-or-nothing alternative; these protocols provide protection from a wide array of possible threats, but are sometimes not deployed because of the need for pre-existing credentials. There is significant interest in providing anonymous keying for IPsec between two parties who do not have credentials suitable for the current profile of IKE. This mode would protect against passive attacks but would be vulnerable to active attacks. The primary purpose of this working group is to specify extensions to or profiles of IKE to enable this mode of IPsec. The goal of this relaxed varient of IPsec is to enable and encourage the use of network security where it has been difficult to deploy - notably, to enable simpler, more rapid deployment. Two related problems emerged during the discussion of this problem. First, there is a desire in the KITTEN, RDDP, NFSv4 and potentially otherc working groups to perform anonymous authentication at the IPsec layer and later cryptographically bind the IPsec association to application authentication. The specification of how this binding is performed for IPsec and the specification of how the binding interact with application authentication protocols are out of scope for this working group. However, the interactions between this cryptographic channel binding and the IPsec PAD will be similar to those for the anonymous mode with no binding. This working group needs to consider the channel bindings use case when developing extensions to the PAD and SPD. Secondly, BTNS and the channel bindings work both encourage IPsec to be used to secure higher layer protocols. AS such we need to consider what information these higher layer protocols need from IPsec. Two proposals are under discussion for providing anonymous keing for IPsec: bare RSA keys transported by IKE and self-signed certificates transported by IKE. The WG has the following specific goals over three IETF meetings: a) develop a framework document to describe the motivation and goals of these infrastructure-free variants of security protocols in general, and IPsec and IKE in specific b) develop an applicability statement, characterizing a reasonable set of threat models with relaxed assumptions suitable for infrastructure-free use, and describing the limits and conditions of appropriate use of infrastructure-free variants c) develop standards-track IKE extensions and/or profiles that support one or both of the bare RSA keys or self-signed certificates d) Specify standards-track extensions to the SPD and PAD to support anonymous keying for IPsec and cryptographic channel bindings for IPsec e) Develop an informational document giving advice to IPsec implementers and higher-level protocol designers on the use of IPsec in securing higher-level protocols _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
