I-D Action: draft-osterweil-dane-ipsec-02.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : Opportunistic Encryption with DANE Semantics and IPsec: IPSECA
        Authors         : Eric Osterweil
                          Glen Wiley
                          Tomofumi Okubo
                          Ramana Lavu
                          Aziz Mohaisen
	Filename        : draft-osterweil-dane-ipsec-02.txt
	Pages           : 17
	Date            : 2015-03-24

Abstract:
   The query/response transactions of the Domain Name System (DNS) can
   disclose valuable meta-data about the online activities of DNS'
   users.  The DNS Security Extensions (DNSSEC) provide object-level
   security, but do not attempt to secure the DNS transaction itself.
   For example, DNSSEC does not protect against information leakage, and
   only protects DNS data until the last validating recursive resolver.
   Stub resolvers are vulnerable to adversaries in the network between
   themselves and their validating resolver ("the last mile").  This
   document details a new DANE-like DNS Resource Record (RR) type called
   IPSECA, and explains how to use it to bootstrap DNS transactions
   through informing entries in IPsec Security Policy Databases (SPDs)
   and to subsequently verifying Security Associations (SAs) for OE
   IPsec tunnels.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-osterweil-dane-ipsec/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-osterweil-dane-ipsec-02

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-osterweil-dane-ipsec-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt




[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux