
ISMS WG Status, 62nd IETF, Minneapolis, March 7, 2005

Goal: Creating a security model for SNMPv3 that will meet the security and operational needs of network administrators. Discussion: isms@ietf.org. Admin: isms-request@ops.ietf.org (in body: subscribe).



  1. ISMS WG Status, 62nd IETF, Minneapolis, March 7, 2005
     • Goal: Creating a security model for SNMPv3 that will meet the security and operational needs of network administrators.
     • Discussion: isms@ietf.org
     • Admin: isms-request@ops.ietf.org (in body: subscribe)

  2. Proposals
     • SBSM - Session-Based Security Model
         • draft-hardaker-snmp-session-sm-03.txt
     • EUSM - External User Security Model
         • draft-kaushik-snmp-external-usm-01.txt
         • updated to version -02
     • TLSM - Transport Layer Security Model
         • draft-schoenw-snmp-tlsm-01.txt

  3. Proposal Evaluation
     • Evaluation team
         • Uri Blumenthal, Lakshminath Dondeti, Randy Presuhn, Eric Rescorla
     • Comparison of Proposals for Integrated Security Models for SNMP
         • draft-ietf-isms-proposal-comparison-00
     • Basic statement: no clear winner
     • Recommendation:
         • The EUSM architecture would be the right direction for the ISMS WG.
         • However, a number of aspects of the EUSM design need moderate to substantial revision.

  4. Recent Discovery
     • RFC 3748:
         • EAP was designed for use in network access authentication, where IP layer connectivity may not be available. Use of EAP for other purposes, such as bulk data transport, is NOT RECOMMENDED.
     • The EUSM proposal violates this recommendation

  5. Proposal 1 for Changing Work Plan
     • Have a new submission deadline soon
         • End of April?
     • Have a second evaluation of revised or new proposals
         • Do we need a new team?
     • 2nd Evaluation report before summer break
         • End of June?
     • Charter discussion at IETF 63
     • Re-charter until end of August

  6. Proposal 2 for Changing Work Plan
     • Discuss architecture first
         • Consensus by end of April?
     • Charter discussion at IETF 63
     • Re-charter until August

  7. Recommendations for revised/new solution proposals
     • Consider recommendations given in the proposal comparison I-D
     • Clearly and explicitly describe your integration with at least one common security infrastructure
     • Avoid using EAP

  8. Planned ISMS WG Agenda
     1) WG Status, Agenda bashing (5 min)
     2) Proposal Comparison (45 min)
        - presentation of draft-ietf-isms-proposal-comparison-00
     3) Discussion of WG direction (30 min)
        - on which solution approach will the WG focus its efforts?
     4) Charter discussion (45 min)
     5) Update of the EUSM proposal (optional) (20 min)
        - draft-kaushik-snmp-external-usm-02
     6) Wrap up (5 min)
        - action points, schedule

  9. Revised ISMS WG Agenda
     1) WG Status, Agenda bashing (10 min)
     2) Proposal Comparison (30 min)
        - presentation of draft-ietf-isms-proposal-comparison-00
     3) Weaknesses of USM (15 min)
     4) Update of the EUSM proposal (optional) (15 min)
        - draft-kaushik-snmp-external-usm-02
     5) Discussion of procedure (20 min)
     6) Wrap up (5 min)
        - action points, schedule

  10. ISMS Milestones
     • Apr 04
         • Cut-off date for internet-drafts to be submitted to the working group for consideration as a proposed solution
     • Jun 04
         • Proposal evaluation and recommendation
     • Aug 05
         • Working group will recharter to include publication goals or shutdown if no consensus on a technical direction is reached by this time
