A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Making The Internet Secure By Default
Authors : Michael H. Behringer
Max Pritikin
Steinthor Bjarnason
Filename : draft-behringer-default-secure-00.txt
Pages : 8
Date : 2014-01-15
Abstract:
Pervasive monitoring on the Internet is enabled by the lack of
general, fundamental security. In his presentation at the 88th IETF
Bruce Schneier called for ubiquitous use of security technologies to
make pervasive monitoring too expensive and thus impractical.
However, today security is too operationally expensive, and thus only
used where strictly required.
In this position paper we argue that all network transactions can be
secure by default, with minimal or no operator involvement. This
requires an autonomic approach where all devices in a domain enrol
automatically in a trust domain. Once they share a common trust
anchor they can secure communications between themselves, following a
domain policy which is by default secure.
The focus of this proposal is the network itself, with all protocols
between network elements, including control plane protocols (e.g.,
routing protocols) and management plane protocols (e.g., SSH,
netconf, etc). The proposal is evolutionary and allows a smooth
migration from today's Internet technology, device by device.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-behringer-default-secure/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-behringer-default-secure-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
