Better-Than-Nothing Security: An Unauthenticated Mode of IPsec
RFC 5386

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    btns mailing list <>, 
    btns chair <>
Subject: Protocol Action: 'Better-Than-Nothing-Security: An 
         Unauthenticated Mode of IPsec' to Proposed Standard 

The IESG has approved the following document:

- 'Better-Than-Nothing-Security: An Unauthenticated Mode of IPsec '
   <draft-ietf-btns-core-08.txt> as a Proposed Standard

This document is the product of the Better-Than-Nothing Security Working 

The IESG contact persons are Tim Polk and Pasi Eronen.

A URL of this Internet-Draft is:

Technical Summary
   The Internet network security protocol suite, IPsec, consisting of
   IKE, ESP, and AH, generally requires authentication of network layer
   entities to bootstrap security. This authentication can be based on
   mechanisms such as pre-shared symmetric keys, certificates and
   associated asymmetric keys, or the use of Kerberos. The need to
   deploy authentication information and its associated identities to
   network layer entities can be a significant obstacle to use of
   network security.  This document describes extensions to the SPD and
PAD to allow BTNS IPsec.
Working Group Summary
   This document had rough consensus of the BTNS working group.
Protocol Quality

   Sam Hartman reviewed the specification for the IESG.

Note to RFC Editor
Section 2:
old: bind the same public key.  These certificates need not to have been
new: bind the same public key.  These certificates do not need to be