EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying (ERP/AAK)
draft-ietf-hokey-erp-aak-11
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
11 | (System) | post-migration administrative database adjustment to the No Objection position for Sean Turner |
2012-05-03
|
11 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2012-05-02
|
11 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2012-05-02
|
11 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2012-05-01
|
11 | Glen Zorn | New version available: draft-ietf-hokey-erp-aak-11.txt |
2012-04-30
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-04-25
|
10 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2012-04-25
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-04-03
|
10 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2012-03-19
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-03-05
|
10 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent |
2012-03-05
|
10 | (System) | IANA Action state changed to In Progress |
2012-03-05
|
10 | Cindy Morgan | State changed to Approved-announcement sent from IESG Evaluation::AD Followup |
2012-03-05
|
10 | Cindy Morgan | IESG has approved the document |
2012-03-05
|
10 | Cindy Morgan | Closed "Approve" ballot |
2012-03-05
|
10 | Cindy Morgan | Ballot approval text was generated |
2012-03-05
|
10 | Stephen Farrell | Ballot writeup was changed |
2012-03-05
|
10 | Stephen Farrell | Ballot writeup was changed |
2012-03-05
|
10 | Stephen Farrell | Ballot writeup was changed |
2012-03-05
|
10 | Sean Turner | [Ballot discuss] s5.4 and 9: Need to register CAP-Identifier. |
2012-03-05
|
10 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss |
2012-02-18
|
10 | Miguel García | Request for Telechat review by GENART Completed. Reviewer: Miguel Garcia. |
2012-02-17
|
10 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2012-02-17
|
10 | (System) | New version available: draft-ietf-hokey-erp-aak-10.txt |
2012-02-16
|
10 | Cindy Morgan | Removed from agenda for telechat |
2012-02-16
|
10 | Cindy Morgan | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation. |
2012-02-16
|
10 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-15
|
10 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Radia Perlman. |
2012-02-15
|
10 | Peter Saint-Andre | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-15
|
10 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-15
|
10 | Sean Turner | [Ballot comment] And now for some nits: 1) f1: Is there an extra "[" or is a "]" missing in the following: a. | … [Ballot comment] And now for some nits: 1) f1: Is there an extra "[" or is a "]" missing in the following: a. | [EAP-Initiate/ | | | I think a "]" is missing because a is optional. Note this is a total nit and shouldn't require you to post another version. 2) s3: r/thus message/this message 3) s4.1: Should this: The pMSK label is the 8-bit ASCII string: Early-Authentication Master Session Key@ietf.org be: The pMSK label is the 8-bit ASCII string: EAP Early-Authentication Master Session Key@ietf.org to match the earlier ASCII string? 4) s4.1: My assumption is that the pMSK ASCII string is coming from the same place and the KDF is also defined in 5295. Worth repeating for the pMSK? 5) s5.1, s5.2, s5.3: I know this is minor but r/changed parameters/new parameters 6) s5.2 and s5.3: Shouldn't you say something about L? It's mentioned later in s5.3 so something ought to at least be said about it even if it's just "L" see 5296 like for the SEQ field. 7) s5.3: r/HMAC-SHA256-128 is mandatory/HMAC-SHA256-128 is REQUIRED - just to make it match s5.2 |
2012-02-15
|
10 | Sean Turner | [Ballot discuss] s5.4 and 9: Need to register CAP-Identifier. |
2012-02-15
|
10 | Sean Turner | [Ballot Position Update] New position, Discuss, has been recorded |
2012-02-15
|
10 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-14
|
10 | Adrian Farrel | [Ballot comment] Please think about wether it would be useful to create a registry for the flags fields in the packets so that it is … [Ballot comment] Please think about wether it would be useful to create a registry for the flags fields in the packets so that it is easier to track them if/ when future extensions come along. |
2012-02-14
|
10 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-14
|
10 | Wesley Eddy | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-14
|
10 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-13
|
10 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-12
|
10 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-12
|
10 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded |
2012-02-12
|
09 | (System) | New version available: draft-ietf-hokey-erp-aak-09.txt |
2012-02-09
|
10 | Jean Mahoney | Request for Telechat review by GENART is assigned to Miguel Garcia |
2012-02-09
|
10 | Jean Mahoney | Request for Telechat review by GENART is assigned to Miguel Garcia |
2012-02-08
|
10 | Stephen Farrell | State changed to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup. |
2012-02-08
|
10 | Stephen Farrell | Placed on agenda for telechat - 2012-02-16 |
2012-02-08
|
10 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2012-02-08
|
10 | Stephen Farrell | Ballot has been issued |
2012-02-08
|
10 | Stephen Farrell | Created "Approve" ballot |
2012-02-08
|
10 | Stephen Farrell | Ballot writeup text changed |
2012-02-08
|
10 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2012-02-08
|
08 | (System) | New version available: draft-ietf-hokey-erp-aak-08.txt |
2012-02-08
|
10 | Stephen Farrell | State changed to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead. waiting for gen-art comment fixes |
2012-02-07
|
10 | Amanda Baber | IANA understands that, upon approval of this document, there are two actions which IANA must complete. First, in the EAP Initiate and Finish Attributes subregistry … IANA understands that, upon approval of this document, there are two actions which IANA must complete. First, in the EAP Initiate and Finish Attributes subregistry of the Extensible Authentication Protocol (EAP) Registry located at: www.iana.org/assignments/eap-numbers/eap-numbers.xml four new TLV type values will be assigned as follows: Type: [ tbd ] Description: Sequence number Payload Type: TV Reference: [ RFC-to-be ] Type: [ tbd ] Description: ERP/AAK-Key Payload Type: TLV Reference: [ RFC-to-be ] Type: [ tbd ] Description: pRK Lifetime Payload Type: TLV Reference: [ RFC-to-be ] Type: [ tbd ] Description: pMSK Lifetime Payload Type: TLV Reference: [ RFC-to-be ] IANA notes that the authors request types 7 through 10 inclusive for these four TLV type values and will, if possible, use those values. Second, in the User Specific Root Keys (USRK) Key Labels subregistry of the Extended Master Session Key (EMSK) Parameters registry located at: http://www.iana.org/assignments/emsk-parameters/emsk-parameters.xml a new key label will be added as follows: Label: EAP Early-Authentication Root Key@ietf.org Description: Early authentication usage reference: [ RFC-to-be ] IANA understands that these are the only actions required to be completed upon approval of this document. |
2012-02-07
|
10 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2012-02-03
|
10 | Miguel García | Request for Last Call review by GENART Completed. Reviewer: Miguel Garcia. |
2012-01-27
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2012-01-27
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2012-01-26
|
10 | Jean Mahoney | Request for Last Call review by GENART is assigned to Miguel Garcia |
2012-01-26
|
10 | Jean Mahoney | Request for Last Call review by GENART is assigned to Miguel Garcia |
2012-01-24
|
10 | Amy Vezza | Last call sent |
2012-01-24
|
10 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying (ERP/AAK)) to Proposed Standard The IESG has received a request from the Handover Keying WG (hokey) to consider the following document: - 'EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying (ERP/AAK)' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-02-07. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. The EAP Re-authentication Protocol (ERP) specifies extensions to EAP and the EAP keying hierarchy to support an EAP method-independent protocol for efficient re-authentication between the peer and an EAP re-authentication server through any authenticator. Authenticated Anticipatory Keying (AAK) is a method by which cryptographic keying material may be established upon one or more candidate attachment points (CAPs) prior to handover. AAK uses the AAA infrastructure for key transport. This document specifies the extensions necessary to enable AAK support in ERP. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-hokey-erp-aak/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-hokey-erp-aak/ The following IPR Declarations may be related to this I-D: http://datatracker.ietf.org/ipr/1450/ |
2012-01-24
|
10 | Stephen Farrell | Last Call was requested |
2012-01-24
|
10 | Stephen Farrell | State changed to Last Call Requested from AD Evaluation::AD Followup. |
2012-01-24
|
10 | Stephen Farrell | Last Call text changed |
2012-01-24
|
10 | (System) | Ballot writeup text was added |
2012-01-24
|
10 | (System) | Last call text was added |
2012-01-16
|
10 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2012-01-16
|
07 | (System) | New version available: draft-ietf-hokey-erp-aak-07.txt |
2011-11-21
|
10 | Stephen Farrell | State changed to AD Evaluation::Revised ID Needed from Publication Requested. |
2011-11-02
|
10 | Stephen Farrell | PROTO write up rx'd via email (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this … PROTO write up rx'd via email (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? The document shepherd for draft-ietf-hokey-erp-aak is Tina Tsou . I believe this document is ready for forwarding to the IESG for publication. the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Yes, the review has been adequate. Both the OPS and security people active in the WG has reviewed it. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization or XML? No concerns. (1.d) Do have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on &n s issue. IPR disclosure to this document has been brought to the attention of the working group and is purely for defensive use. There are no other concerns. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? It represents the concurrence of a few individuals with others being silent. (1.f) Has anyone threatened an appeal or otherwise indicated extreme &n bsp;&nbs ;discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) No. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See the Internet-Drafts Checklist and http://tools.ietf.org/tools/idnits/). Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type and URI tye review Datatracker finds no issues. Idnits is satisfied. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. Split as required. No down-references. (1.i) Has the Document Shepherd verified that the document IANA consideration section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC5226]. If the document describes an Expert Review process has Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during the IESG Evaluation? The IANA considerations section exists; the registry is identified and there are no other new registries. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? Not applicable. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up? Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections p; Technical Summary The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. The EAP Re-authentication Protocol (ERP) specifies extensions to EAP and the EAP keying hierarchy to support an EAP method-independent protocol for efficient re-authentication between the peer and an EAP re-authentication server through any authenticator. Authenticated Anticipatory Keying (AAK) is a method by which cryptographic keying material may be established upon one or more candidate attachment points (CAPs) prior to handover. AAK uses the AAA infrastructure for key transport. This document specifies the extensions necessary to enable AAK support in ERP. Working Group Summary The document is a product of the Hokey working group. The document has working group consensus. Document Quality The document develops a series of procedure, protocol for the specific usage scenario identified. This document has gotten sufficient review from people with both OPS and Security background. The quality of the document is good. |
2011-11-02
|
10 | Stephen Farrell | Draft added in state Publication Requested |
2011-10-21
|
06 | (System) | New version available: draft-ietf-hokey-erp-aak-06.txt |
2011-09-14
|
05 | (System) | New version available: draft-ietf-hokey-erp-aak-05.txt |
2011-03-14
|
04 | (System) | New version available: draft-ietf-hokey-erp-aak-04.txt |
2010-11-24
|
(System) | Posted related IPR disclosure: Huawei Technologies Co.,Ltd's Statement about IPR related to draft-ietf-hokey-erp-aak-03 | |
2010-11-08
|
03 | (System) | New version available: draft-ietf-hokey-erp-aak-03.txt |
2010-05-11
|
02 | (System) | New version available: draft-ietf-hokey-erp-aak-02.txt |
2010-04-27
|
01 | (System) | New version available: draft-ietf-hokey-erp-aak-01.txt |
2010-04-09
|
00 | (System) | New version available: draft-ietf-hokey-erp-aak-00.txt |