Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE)
RFC 6617

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Secure PSK Authentication for IKE' to Experimental RFC (draft-harkins-ipsecme-spsk-auth-08.txt)

The IESG has approved the following document:
- 'Secure PSK Authentication for IKE'
  (draft-harkins-ipsecme-spsk-auth-08.txt) as an Experimental RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Sean Turner.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-harkins-ipsecme-spsk-auth/


Technical Summary

  This draft specifies the addition of a new authentication
  method to IKE that uses a zero-knowledge proof for
  authentication using only a password. It is resistant to
  dictionary attack and retains security even when used with
  "weak" pre-shared keys.

Working Group Summary

   This document is an individual submission. It was used to
   advocate for expansion of the IPsecme WG's charter, which
   was expanded to include this topic. There was discussion of
   this draft on the mailing list and controversy on it seemed
   to be on unfounded IPR issues. At one point in time this draft
   had very rough consensus (enough to expand the charter to tackle
   the problem of password authentication) but that consensus
   has since been diluted.

Document Quality

   This document has been reviewed by members of the IPsecme WG
   and by people on the CFRG mailing list. Primarily this review
   has been on technical, not editorial, content. 

Personnel

   Paul Hoffman is the Document Shepherd.
   Sean Turner is the responsible Area Director.
   Tero Kivinen is the IANA expert.