IETF Provisioning of Symmetric Keys (keyprov) WG Update


1 IETF Provisioning of Symmetric Keys (keyprov) WG Update
WG Chairs: Phillip Hallam-Baker, Hannes Tschofenig
Presentation by Andrea Doherty
November

2 Active Work
- Dynamic Symmetric Key Provisioning Protocol (DSKPP)
- Key Container Specification
  - Portable Symmetric Key Container (PSKC)
  - Symmetric Key Package Content Type
- Algorithm Identifiers
  - draft-hallambaker-algorithm-identifiers-00.txt
  - I-D just submitted; not yet accepted as a Working Group item
- WG Charter Page:

3 Current Status
- 2nd draft of the DSKPP protocol specification (draft-ietf-keyprov-dskpp-01) was submitted since WG adoption
  - Addresses feedback from IETF-69, individual reviews, and the mailing list
- Working Group Last Call is scheduled for Nov 2007; however, a small number of open issues still have to be resolved
- Open issues will be taken up at the next IETF meeting, Dec 3 in Vancouver

4 DSKPP Primer
- DSKPP is a client-server protocol for initialization (and configuration) of symmetric keys to cryptographic modules.
- Intended for use within computer and communications systems employing symmetric cryptographic modules that are locally (over-the-wire) or remotely (over-the-air) accessible.
- Can be run with or without private-key capabilities in the cryptographic modules, and with or without an established public key infrastructure.

5 Protocol variants
DSKPP variants support multiple usage scenarios:
- Four-pass variant enables mutual key generation by the provisioning server and cryptographic module in near real-time; provisioned keys are not transferred over-the-wire or over-the-air
- Two- and one-pass variants enable generation and transport of symmetric keys to a cryptographic module in environments where near real-time communication is not possible
- Two- and one-pass variants also enable transport of pre-generated (i.e., legacy) keys to a cryptographic module

6 PSKC
- The Portable Symmetric Key Container (PSKC) is an XML-based format specification
- 2nd draft submitted since IETF KEYPROV WG adoption:
  - Specifies a standard format for serializing symmetric keys for system import, export or network/protocol transport
  - Facilitates dynamic provisioning and transfer of a symmetric key such as an OTP shared secret or an encryption key of different types
  - Specifies key attributes required for interoperability

7 Symmetric Key Package Content Type
- The Symmetric Key Package Content Type is an ASN.1-based format specification
- First draft submitted after IETF-69 as IETF KEYPROV WG item; no updates since then:
  - Co-authored by Sean Turner and Russ Housley
  - Used to transfer one or more plaintext symmetric keys from one party to another
  - A symmetric key package can be encapsulated in one or more CMS (RFC 3852) protecting content types

8 Next Steps
- Update draft-ietf-keyprov-dskpp-01.txt to incorporate final feedback from IETF-70 and mailing list before WGLC
- Update draft-ietf-keyprov-portable-symmetric-key-container-01.txt to incorporate final feedback from IETF-70 and mailing list before WGLC
- Comments are welcomed on the mailing list and via the issue tracker
- WG Last Call for DSKPP was scheduled for November 2007, but will be extended.

