Summary of 34th IETF Meeting, held 4-8 December 1995, Dallas

by Hilarie Orman

Progress in defining and implementing a proposed network layer security standard and associated key exchange methods enlivened the IPSEC working group meetings at the 34th IETF, held in Dallas December 4th through 8th. The working group, which has been meeting at IETFs for the last 4 years, has defined a set of enhancements to IP packets for authentication and integrity and, orthogonally, for privacy. Several implementors were on hand with laptop machines, and they exchanged ICMP ("ping") packets using the Authentication Header (AH) enhancements, which protect an entire IP message, and the encryption enhancements (ESP), which make the IP payload opaque.

The required algorithms for use with these options are MD5 for AH and DES for ESP, and these were the ones used in the demonstrations. The RFCs that define the architecture, the AH and ESP headers, and the environment for applying the algorithms are RFCs 1825, 1826, 1827, 1828, and 1829, available from the ftp directory ftp://ds.internic.net/documents/rfc.

Two key exchange protocols using the Diffie-Hellman algorithm were demonstrated: Photuris and SKIP. In each case, two independent implementations achieved interoperation. Photuris and SKIP differ primarily in regard to supplying Perfect Forward Secrecy: Photuris can supply a session key that is independent of any long-term state, while SKIP keys are interdependent for the life of an advertised public component. As a corollary, Photuris requires maintenance of some state information while the key is computed, and SKIP is stateless. The draft documents describing these protocols are available from ftp://ds.internic.net/documents/internet-drafts.
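To make the Perfect Forward Secrecy distinction concrete, the following is an added toy model written for this summary, not code from either protocol's implementors. It assumes constructed, deliberately tiny group parameters P and G and an MD5-based key derivation; SKIP's real per-packet key schedule and Photuris's cookie and authentication steps are not modelled. It records a key from each scheme, then simulates a later leak of one party's long-term private key and reports which recorded key the leak exposes.

```python
import hashlib
import secrets

P = 2**127 - 1  # toy Mersenne-prime modulus: constructed, far too small for real use
G = 3           # toy generator (assumed, not a vetted group parameter)

def dh_public(private):
    """Public component g^x mod p that a party advertises (SKIP) or sends (Photuris)."""
    return pow(G, private, P)

def derive_key(shared_secret, counter):
    """Key = MD5(shared secret || counter); MD5 is the required AH algorithm of the era."""
    return hashlib.md5(shared_secret.to_bytes(16, "big") + counter.to_bytes(4, "big")).hexdigest()

def skip_style_key(my_static, peer_static_public, counter):
    """SKIP-style: stateless.  Any key for this peer is a function of the two
    long-term components plus a counter, so no exchange precedes the first packet."""
    return derive_key(pow(peer_static_public, my_static, P), counter)

def photuris_style_exchange():
    """Photuris-style: each side draws a fresh exponent, holds it only until the
    peer's value arrives (the state the summary mentions), then discards it.
    Returns both sides' keys and the transcript a passive observer would record."""
    a_eph, b_eph = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    a_pub, b_pub = dh_public(a_eph), dh_public(b_eph)
    alice_key = derive_key(pow(b_pub, a_eph, P), 0)
    bob_key = derive_key(pow(a_pub, b_eph, P), 0)
    del a_eph, b_eph  # the ephemerals no longer exist anywhere
    return alice_key, bob_key, (a_pub, b_pub)

def forward_secrecy_demo():
    """Record traffic from both schemes, then model a later leak of Alice's
    long-term private key and report which recorded keys it reveals."""
    alice_static, bob_static = secrets.randbelow(P - 2) + 1, secrets.randbelow(P - 2) + 1
    alice_pub, bob_pub = dh_public(alice_static), dh_public(bob_static)
    skip_key = skip_style_key(alice_static, bob_pub, 7)             # recorded earlier
    alice_key, bob_key, (a_pub, b_pub) = photuris_style_exchange()  # recorded earlier
    # Leak: the attacker now holds alice_static plus everything seen on the wire.
    skip_recovered = skip_style_key(alice_static, bob_pub, 7)       # equals skip_key
    # Against the Photuris transcript the leaked static key combines with the
    # observed ephemerals into an unrelated value; recovering a_eph is the DLP.
    photuris_guess = derive_key(pow(b_pub, alice_static, P), 0)
    return {
        "skip_both_agree": skip_key == skip_style_key(bob_static, alice_pub, 7),
        "skip_exposed": skip_recovered == skip_key,
        "photuris_both_agree": alice_key == bob_key,
        "photuris_exposed": photuris_guess == alice_key,
    }
```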

Progress on a third key exchange protocol, ISAKMP, was discussed in the working group, and two implementations were demonstrated immediately following the working group meeting. ISAKMP is designed to serve as an "umbrella" for many, perhaps thousands, of key exchange methods. Photuris has been influenced by ISAKMP, and the Diffie-Hellman algorithm is only one of a class of methods that can be supported by either protocol.

Other working groups in the security area that met were the Public Key Infrastructure (X.509) Group, Common Authentication Technology, Domain Name System (DNS) Security, One Time Password Authentication (OTP), and the HTTP Transaction Security group.

The DNS extensions are relevant to the IP security work because they provide a possible method for distributing public keys for use in authenticating the key components that are essential to the Diffie-Hellman exchanges. The DNS security extensions are described in ftp://ds.internic.net/documents/internet-drafts/draft-ietf-dnssec-secext-06.txt.

The OTP working group has moved its specification forward towards publication as a Proposed Standard RFC. It is expected to become a Proposed Standard in early January 1996. A freely distributable implementation of this specification is available by anonymous FTP from ftp.nrl.navy.mil/pub/security/nrl-opie.

Minutes for the meetings will be available in the ftp://ds.internic.net/documents/minutes directory.

In a surprising development, the SNMPv2 group determined that they could reach no consensus on security extensions to the Simple Network Monitoring Protocol, and so they will remove those extensions from the current draft.