Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE)
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com> Subject: Document Action: 'Secure PSK Authentication for IKE' to Experimental RFC (draft-harkins-ipsecme-spsk-auth-08.txt) The IESG has approved the following document: - 'Secure PSK Authentication for IKE' (draft-harkins-ipsecme-spsk-auth-08.txt) as an Experimental RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Sean Turner. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-harkins-ipsecme-spsk-auth/
Technical Summary This draft specifies the addition of a new authentication method to IKE that uses a zero-knowledge proof for authentication using only a password. It is resistant to dictionary attack and retains security even when used with "weak" pre-shared keys. Working Group Summary This document is an individual submission. It was used to advocate for expansion of the IPsecme WG's charter, which was expanded to include this topic. There was discussion of this draft on the mailing list and controversy on it seemed to be on unfounded IPR issues. At one point in time this draft had very rough consensus (enough to expand the charter to tackle the problem of password authentication) but that consensus has since been diluted. Document Quality This document has been reviewed by members of the IPsecme WG and by people on the CFRG mailing list. Primarily this review has been on technical, not editorial, content. Personnel Paul Hoffman is the Document Shepherd. Sean Turner is the responsible Area Director. Tero Kivinen is the IANA expert.