Security Area

Director:


   o Jeff Schiller:  jis@mit.edu


Area Summary reported by Jeff Schiller/MIT and Jim Galvin/TIS

The Security Area within the IETF is responsible for development of
security oriented protocols, security review of RFCs, development of
candidate policies, and review of operational security on the Internet.

The Area Director is assisted by a Directorate, an advisory entity with
no standards-setting powers.  The members of the Security Directorate
are as follows.


             Jeffrey I. Schiller jis@mit.edu
             Ran Atkinson        atkinson@itd.nrl.navy.mil
             Steve Bellovin      smb@research.att.com
             Steve Crocker       crocker@cybercash.com
             Barbara Fraser      byf@cert.org
             James M. Galvin     galvin@tis.com
             Phil Karn           karn@qualcomm.com
             Steve Kent          kent@bbn.com
             John Linn           linn@ov.com
             Clifford Neuman     bcn@isi.edu
             Rob Shirey          shirey@mitre.org
             Ted Ts'o            tytso@mit.edu


In addition to the Directorate, the Security Area is assisted by the
Security Area Advisory Group (SAAG). The SAAG is an open group that
meets at least once during each IETF meeting as well as electronically
via the saag@tis.com mailing list.  Send a message to
saag-request@tis.com to join the list.

During the SAAG meeting, the activities of the Security Area, including
the Directorate, are reported and discussed.  In addition, the SAAG
meeting provides an opportunity for open discussion of security issues.

Included below is a summary from those working groups and birds of a
feather sessions with security relevant activities to report and the
Security Directorate meeting summary.  In addition, the following topics
were discussed during the SAAG meeting.



Documents Approved as Proposed Standards

The IESG approved the advancement of five of the IPSEC documents to
Proposed Standards.  With the advancement of these documents the IPSEC
Working Group will focus on issues related to key management.

The IESG approved the advancement of the two MOSS documents to Proposed
Standards.  With the advancement of these documents the PEM Working
Group has completed its charter and will be closed.


Domain Name System Security

The last revision of the enhancements for the DNS to support security
has been released.  It will enter working group last call very soon; no
issues are expected to be raised.  At the end of the working group last
call the document will be submitted to the IESG to be considered for
publication as a Proposed Standard.  An implementation of the
specification is available to U.S. and Canadian sites and individuals
via anonymous FTP (see ftp://ftp.tis.com/pub/DNSSEC/README for details).


Key Management

It was noted that the Internet needs two kinds of key management:  one
for short-term keys and one for long-term keys.  The expected usage of
short-term keys would be on a per connection or per message basis.
Long-term keys, on the other hand, would probably be used to exchanged
short-term keys.

The distribution and management of long-term keys requires the existence
of a global infrastructure.  There are two options for the global
infrastructure today:  Secure DNS or The Directory (X.500).  It is also
possible that something completely different will be needed and
developed.

Key management is expected to get increasing attention in the IETF.


Internet Security Architecture

Steve Crocker gave an abbreviated version of his presentation to the IAB
the previous evening.  He posed a challenge to the community to improve
the network security at IETF meetings.  The specific proposal is to have
IPSEC available with manual keying, which would be enough to make a
difference when compared to the current configuration.  This should be
available for use in the IETF terminal room by both the
terminals/workstations and laptops.  In addition, we should install a
demonstration firewall that is IPSEC friendly.  The goal is to make it
available at the next IETF meeting in Dallas (December 4-8, 1995).



The activity of the following working groups and birds of a feather
sessions was reported.


Internet Secure Payments Protocol BOF (ISPP)


This BOF met two times with more than a dozen technology presentations.
Fortunately, the various technologies are much more similar than they
are different.

The consensus was that the IETF should have one or more working groups
in this area.  Charters will be proposed and submitted to the Area
Director for consideration.



Secure Socket Layer BOF (SSL)


A consensus developed for the need for a session layer security
protocol.  This was predicated on observing that IPSEC is below the
transport layer and the session layer is above it, and that implementing
security in the transport or network layer would require changes to
operating systems.  In contrast, session layer security could be
implemented and added non-invasively to existing systems, thus making
security services available to a broad range of application protocols.

As a result, a working group called Session Layer Security will be
proposed.  The Secure Socket Layer specification will serve as the
starting point for the new working group.



Simple Key Management for IP BOF (SKIP)


SKIP is Sun's proposal for key management on the Internet.  It is a
competitor to the Photouris specification being discussed in IPSEC. It
is still undecided as to whether this specification should be discussed
as part of the IPSEC Working Group or within its own working group.

Although there appeared to be consensus to move the SKIP specification
onto the standards track, the authors will need to discuss the process
and relationship to IPSEC with the Area Director and the chairs of the
IPSEC Working Group before this can be done.

[Note:  Since the IETF meeting took place, discussions between the
various parties are proceeding.  The likely outcome will be for the SKIP
work to take place within the IPSEC Working Group.]



Authenticated Firewall Traversal Working Group (AFT)


There are currently four implementations underway with interoperability
testing expected to begin shortly.  If the testing is successful three
documents will be submitted to the IESG to be considered for publication
as Proposed Standards before the next IETF meeting in Dallas.



Common Authentication Technology Working Group (CAT)


The CAT working group discussed topics related to active documents,
including GSS-V2 (to receive another set of specific revisions at the
Internet-Draft level, and then to be recommended for advancement to
Proposed Standards), IDUP (where revised interface specifications and a
new mechanism specification were discussed, with standards advancement
to be considered at the Dallas IETF), GSS-API Negotiation (new draft
discussed), Kerberos mechanism and extensions (status and comments
discussed, new drafts to follow), FTP Security (to be recommended for
advancement to Proposed Standard after inclusion of clarifying
revisions), and a presentation of a new mechanism based on FIPS PUB JJJ
cryptography.  Presentations on work in progress included GSS-API
integration into World Wide Web browsers and servers, loadable GSS-API
multi-mechanism support, and discussion of the use of RFC 1731 as a
generic framework for integration of security tokens into text-based
applications.  The group also discussed a range of candidate follow-on
topic areas related to authorization, and identified a subset with
apparent common value and feasibility for proposals and work by group
members.



IP Security Protocol Working Group (IPSEC)


The interoperability testing of the recently approved Proposed Standards
was discussed.  The majority of the meeting was devoted to discussing
Internet key management and the two working documents on Photouris and
ISAKMP.



Site Security Handbook Working Group (SSH)


Two documents are expected to be available by the first week of
November, which will allow for final revisions to be proposed during the
next IETF meeting in Dallas followed by advancing the documents onto the
standards track as quickly as possible.



Web Transaction Security Working Group (WTS)

There were three short presentations on related subjects and a review of
the two documents being developed by the working group.  With respect to
the requirements specification, several new issues were raised at this
meeting and most, but not all, were resolved.  There was consensus to
resolve the remaining issues on the list and then submit the document to
the IESG to be considered for publication as an Informational RFC.

Recent changes to the SHTTP document were reviewed and no objections
were raised.  An outstanding issue is coordinating SHTTP with MOSS,
which is dependent on the harder (and outside our scope) problem of
coordinating HTTP with MIME. We remain hopeful that we will reach
consensus on a document to propose to advance to Proposed Standard by
the next IETF meeting Dallas.


The Security Area Directorate met on Monday afternoon for a two hour
meeting.  In addition to all of the above, the following was noted.


Intellectual Property Rights (IPR)

The purpose of the discussion was information exchange.  Several
protocols are pending in the IESG as a result of unresolved IPR issues
and several protocols from the security area are about to be submitted
to the IESG with unresolved IPR issues.  It is uncertain exactly what
the outcome will be of any specific case.


Key-ed MD5

Key-ed MD5 is being used in a variety of protocols for authentication.
The IETF needs an applicability statement which includes advice on how
often to change the secrets.