Paul Wouters
Pronouns: he/him
Security Area Director (2nd term)
IKE / IPsec developer with libreswan for 25 years IETF participant for 15 years, mostly in the security area and DNS Aiven.io Senior Security Architect Fedora / CentOS security software engineer, former Red Hat Enterprise Linux Security Engineer DNS / DNSSEC developer NIST SP800-77 Rev.1 Author ICANN RSTEP, former ICANN liason, former ICANN Root Rollover Design committee, former ICANN newGTLD Registry Services Panel Formerly RedHat Senior Software Engineer for VPN Technologies and Crypto Group Coffee Snob
Roles
RFCs (17)
RFC | Date | Title | Cited by |
---|---|---|---|
RFC 7250 | Jun 2014 | Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) | 21 RFCs |
RFC 7619 | Aug 2015 | The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2) | 8 RFCs |
RFC 7670 | Jan 2016 | Generic Raw Public-Key Support for IKEv2 | 1 RFC |
RFC 7828 | Apr 2016 | The edns-tcp-keepalive EDNS0 Option | 9 RFCs |
RFC 7901 | Jun 2016 | CHAIN Query Requests in DNS | 3 RFCs |
RFC 7929 | Aug 2016 | DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP | 3 RFCs |
RFC 8078 | Mar 2017 | Managing DS Records from the Parent via CDS/CDNSKEY | 3 RFCs |
RFC 8221 | Oct 2017 | Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH) | 8 RFCs |
RFC 8247 | Sep 2017 | Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2) | 6 RFCs |
RFC 8598 | May 2019 | Split DNS Configuration for the Internet Key Exchange Protocol Version 2 (IKEv2) | 1 RFC |
RFC 8624 | Jun 2019 | Algorithm Implementation Requirements and Usage Guidance for DNSSEC | 3 RFCs |
RFC 9102 | Aug 2021 | TLS DNSSEC Chain Extension | |
RFC 9395 | Apr 2023 | Deprecation of the Internet Key Exchange Version 1 (IKEv1) Protocol and Obsoleted Algorithms | |
RFC 9471 | Sep 2023 | DNS Glue Requirements in Referral Responses | |
RFC 9478 | Oct 2023 | Labeled IPsec Traffic Selector Support for the Internet Key Exchange Protocol Version 2 (IKEv2) | 1 RFC |
RFC 9580 | Jul 2024 | OpenPGP | |
RFC 9611 | Jul 2024 | Internet Key Exchange Protocol Version 2 (IKEv2) Support for Per-Resource Child Security Associations (SAs) |
Active Internet-Drafts (5)
- draft-ietf-dnsop-domain-verification-techniques
- draft-pwouters-ipsecme-delete-info
- draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt
- draft-pwouters-ds-uplifting
- draft-pwouters-parental-rrtype
Expired Internet-Drafts (30)
- draft-pan-ipsecme-anti-replay-notification
- draft-pwouters-ipsecme-child-pfs-info
- draft-pwouters-dnsop-dakami
- draft-ietf-dnsop-delegation-only
- draft-york-dnsop-deploying-dnssec-crypto-algs
- draft-asmithee-tls-dnssec-downprot
- draft-ietf-regext-dnsoperator-to-rrr-protocol
- draft-sprasad-ipsecme-labeled-ipsec
- draft-antony-ipsecme-oppo-nat
- draft-ietf-dane-openpgpkey-usage
- draft-wouters-dane-openpgpkey-usage
- draft-wouters-dane-openpgp
- draft-wouters-dane-otrfp
- draft-wouters-edns-tcp-chain-query
- draft-ietf-ipsecme-oob-pubkey
- draft-wouters-dnsop-secure-update-use-cases