Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

Yoav Nir writes: This draft represents a total shirking of our responsibility. Rather than decide on one protocol that is best or even arbitrarily choosing one that is good enough, it proposes to build a framework so that everyone and their dog can have their own method. This is a nightmare

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

Paul Hoffman writes: Partially yes, but unfortunately all of the authors of those actual protocols decided that they wanted to continue publishing those drafts as individual RFCs, and each of them used different way to negotiate them, so there was no way to even implement multiple of them.

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

Yaron Sheffer writes: Back to the matter at hand: I am opposed to draft-kivinen-ipsecme-secure-password-framework. It has served its purpose when two of the proposals were changed to add method negotiation, and thus enable IKE peers to implement none, one or more of these methods.

Re: Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

I support an IKEv2 ZKPP method framework. I don't understand the controversy -- i.e., I think it's much ado about nothing. Nico -- ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

I think this is a terrible idea. IKEv2 has a way for mutual authentication with a shared key. A concern was raised that this method was vulnerable to guessing if trivial shared keys were configured. There were several proposals for a better cryptographic method. The IPsecME working group

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

hat location=off On Jul 27, 2011, at 6:30 PM, Yoav Nir wrote: I think this is a terrible idea. +.5. I think is is a bad idea. IKEv2 has a way for mutual authentication with a shared key. A concern was raised that this method was vulnerable to guessing if trivial shared keys were

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

Paul, The existence of this draft shows a failure of YOUR leadership (and that of your co-chairman) of the working group. Consensus was achieved to add an authentication method based on a simple password yet you seemingly worked to do everything possible to create division in the working

Re: [IPsec] Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

Unfortunately Dan cannot accept that there may be objective, non political reasons for the group not to adopt his work. Which is the reason why three alternative proposals were published several months after his proposed PAKE solution. As co-chairmen of ipsecme, Paul and I did our best to get

Last Call: draft-kivinen-ipsecme-secure-password-framework-01.txt (Secure Password Framework for IKEv2) to Informational RFC

The IESG has received a request from an individual submitter to consider the following document: - 'Secure Password Framework for IKEv2' draft-kivinen-ipsecme-secure-password-framework-01.txt as an Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final