Guidelines for Cryptographic Key Management
draft-bellovin-mandate-keymgmt-03
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2005-02-24
|
03 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
|
2005-02-21
|
03 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2005-02-21
|
03 | Amy Vezza | IESG has approved the document |
|
2005-02-21
|
03 | Amy Vezza | Closed "Approve" ballot |
|
2005-02-18
|
03 | (System) | Removed from agenda for telechat - 2005-02-17 |
|
2005-02-17
|
03 | Amy Vezza | State Changes to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation by Amy Vezza |
|
2005-02-17
|
03 | Sam Hartman | Status date has been changed to 2005-02-17 from |
|
2005-02-17
|
03 | Sam Hartman | [Note]: 'rfc-editor note entered and correct' added by Sam Hartman |
|
2005-02-17
|
03 | Thomas Narten | [Ballot comment] > 2.2. Manual Key Management > > Manual key management is a reasonable approach in any of these > situations: should … [Ballot comment] > 2.2. Manual Key Management > > Manual key management is a reasonable approach in any of these > situations: should we s/is a/may be a/? My concern is that the first example "limited bandwidth" is something I hear a lot about, and I don't want folk to be able to say "see, this document says we're a special case" |
|
2005-02-17
|
03 | Thomas Narten | [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten |
|
2005-02-17
|
03 | Michelle Cotton | IANA Comments: We understand this document to have NO IANA Actions. |
|
2005-02-17
|
03 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
|
2005-02-17
|
03 | Allison Mankin | [Ballot Position Update] Position for Allison Mankin has been changed to No Objection from Undefined by Allison Mankin |
|
2005-02-17
|
03 | Allison Mankin | [Ballot comment] Not a Discuss, but for a discussion at some point: Is it possible to add to the reasons for not using automated key … [Ballot comment] Not a Discuss, but for a discussion at some point: Is it possible to add to the reasons for not using automated key management that an automated key management protocol is not available with suitable applicability for the application environment? (IKEv2 and IPSec are not ideal for every application environment, but what other warm recommendation do we have for automated key management for applications?) |
|
2005-02-17
|
03 | Allison Mankin | [Ballot Position Update] New position, Undefined, has been recorded for Allison Mankin by Allison Mankin |
|
2005-02-17
|
03 | Harald Alvestrand | Review by Scott Brim, Gen-ART No serious objection, although here are some things you might consider. - It lacks an IANA Considerations section. - "There … Review by Scott Brim, Gen-ART No serious objection, although here are some things you might consider. - It lacks an IANA Considerations section. - "There is not one answer to that question; circumstances differ. In general, automated key management SHOULD be used. Occasionally, relying on manual key management is reasonable; we propose some guidelines for making that judgment." This is a BCP -- I hope you're doing more than "proposing" guidelines :-). "provide"? "offer"? - "Manual key management is used to distribute such values." s/is/can be/ ? - "In particular, the protocol associated with an automated key management technique will confirm liveness of the peer, protect against replay, ..." s/will/can/ ? - "Examples of automated key management systems include IPsec IKE and Kerberos." add commas - "In general, automated key management SHOULD be used to establish session keys. This is a very strong "SHOULD", meaning the justification is needed in the security considerations section of a proposal that makes use of manual key management." Grades of SHOULD will be difficult to referee. I suggest: "A proposal MUST use automated key management to establish session keys unless adequate justification is provided in the Security Considerations section for the use of manual key management." - "When manual key management is used, long-term shared secrets MUST be unpredictable "random" values ..." I would take out "unpredictable". First it's redundant with "random" and second we have the same problems generating unpredictable values as we do random ones. |
|
2005-02-17
|
03 | Harald Alvestrand | [Ballot comment] Reviewed by Scott Brim, Gen-ART Some comments that may need addressing; full review in comment log. |
|
2005-02-17
|
03 | Harald Alvestrand | [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand by Harald Alvestrand |
|
2005-02-16
|
03 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner |
|
2005-02-16
|
03 | Alex Zinin | [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin |
|
2005-02-16
|
03 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
|
2005-02-16
|
03 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
|
2005-02-14
|
03 | Scott Hollenbeck | [Ballot Position Update] New position, No Objection, has been recorded for Scott Hollenbeck by Scott Hollenbeck |
|
2005-02-11
|
03 | Russ Housley | [Ballot Position Update] New position, Recuse, has been recorded for Russ Housley by Russ Housley |
|
2005-02-11
|
03 | Sam Hartman | [Ballot Position Update] New position, Yes, has been recorded for Sam Hartman |
|
2005-02-11
|
03 | Sam Hartman | Ballot has been issued by Sam Hartman |
|
2005-02-11
|
03 | Sam Hartman | Created "Approve" ballot |
|
2005-02-09
|
03 | Sam Hartman | Placed on agenda for telechat - 2005-02-17 by Sam Hartman |
|
2005-02-09
|
03 | Sam Hartman | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Sam Hartman |
|
2005-02-08
|
03 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2005-01-11
|
03 | Amy Vezza | Last call sent |
|
2005-01-11
|
03 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
|
2005-01-11
|
03 | Sam Hartman | Last Call was requested by Sam Hartman |
|
2005-01-11
|
03 | Sam Hartman | State Changes to Last Call Requested from AD Evaluation by Sam Hartman |
|
2005-01-11
|
03 | (System) | Ballot writeup text was added |
|
2005-01-11
|
03 | (System) | Last call text was added |
|
2005-01-11
|
03 | (System) | Ballot approval text was added |
|
2005-01-11
|
03 | (System) | New version available: draft-bellovin-mandate-keymgmt-03.txt |
|
2005-01-09
|
03 | Sam Hartman | State Changes to AD Evaluation from Publication Requested by Sam Hartman |
|
2005-01-07
|
03 | Sam Hartman | Draft Added by Sam Hartman in state Publication Requested |
|
2005-01-06
|
02 | (System) | New version available: draft-bellovin-mandate-keymgmt-02.txt |
|
2004-10-19
|
01 | (System) | New version available: draft-bellovin-mandate-keymgmt-01.txt |
|
2003-04-09
|
00 | (System) | New version available: draft-bellovin-mandate-keymgmt-00.txt |