[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RADEXT Crypto-agility work item



At IETF-66, the RADEXT chairs took the action item to come up with some
charter text that would describe the scope of the crypto-agility work
item.

The following text is being proposed, after having been vetted by Russ
Housley, Security Area AD.

Please comment.  If this text is acceptable to the WG, we will propose
it to the O&M ADs for addition to the RADEXT charter.

<quote>

The RADEXT WG will review the security requirements for crypto-agility
in IETF protocols, and identify the deficiencies of the existing RADIUS
protocol specifications against these requirements.  Specific attention
will be paid to the requirements of draft-housley-aaa-key-mgmt-04.txt.

The RADEXT WG will propose one or more Internet Drafts to remediate any
identified deficiencies in the crypto-agility properties of the RADIUS
protocol.  The known deficiencies include the issue of negotiation of
substitute algorithms for the message digest functions, the key-wrap
functions, and the password hiding function.  Additionally, at least one
mandatory to implement algorithm will be defined in each of these areas,
as required.

</quote>

Regards,
 
Dave


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>