RE: Request for RADIUS crypto-agility solutions

["Joseph Salowey \(jsalowey\)" <jsalowey@cisco.com>]

I propose an attribute based crypto agility solution based on the
following documents:

http://www.ietf.org/internet-drafts/draft-zorn-radius-keywrap-12.txt
and
http://www.ietf.org/internet-drafts/draft-zorn-radius-encattr-06.txt

One of the goals of this approach is to reduce the impact on current
RADIUS implementations by using attributes similar to existing
attributes and not requiring "session state" between the RADIUS client
and server.  I believe this will be less impact on RADIUS
implementations than the DTLS approach.

Joe 

> -----Original Message-----
> From: owner-radiusext@ops.ietf.org 
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Alan DeKok
> Sent: Wednesday, April 11, 2007 6:10 AM
> To: Bernard Aboba
> Cc: radiusext@ops.ietf.org
> Subject: Re: Request for RADIUS crypto-agility solutions
> 
> Bernard Aboba wrote:
> > This is a formal request for submission of documents solving the 
> > RADIUS crypto-agility problem.  Proposers should send an 
> email to the RADEXT WG
> > list providing a pointer to their proposal by April 21, 
> 2007.   Once the
> > proposals have been submitted, we will initiate WG review.
> 
>   I propose RADIUS + DTLS, as presented at IETF 68:
> 
> http://tools.ietf.org/id/draft-dekok-radext-dtls-00.txt
> 
>   Alan DeKok.
> 
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>