Dear All,
CGA-TSIG (http://tools.ietf.org/html/draft-rafiee-intarea-cga-tsig ) will be
presented as a last item of intarea (Session 2014-03-04 1300-1400: Viscount)
intarea WG Agenda
IETF 89
TUESDAY, March 4, 2014
1300-1400 Tuesday Afternoon Session I
I ask you all, DNS experts, please review this draft and attend intarea
session (tomorrow , Tuesday, at 13:00 - 14:00). Even though you might have a
meeting, please try to attend the 15 last minutes of intarea since it will
be the last item that will be presented there. Please consider reviewing
this draft so that we have fruitful discussions :-)
For those who didn't read my long note:
The area that this draft covers
- secure authentication during different scenarios especially the
authentication of the resolvers, without extra efforts, and by the support
of this algorithm or during updating PTR or FQDN record in a secure manner.
- privacy and confidentiality: People in IETF are looking for a solution
for confidentiality as I heard discussion in this group and application
area. This can be a solution for this. This is especially helpful in the
unsecure environment where you want to have a privacy while browsing
different websites. So you need to have a data encryption between the
resolver and your computer. What your computer need to know is only the IP
address of the resolver, CGA-TSIG handle the other parts. :-)
The other use case for confidentiality is in a zone transfer scenario or
dynamic update. The data exchange between the master and slave should be
encrypted to keep these data from prying eyes.
So, this draft answers to the need of both data integrity and
confidentiality and prevent IP spoofing without extra effort.
Hope to see you all tomorrow :-)
Thanks,
Hosnieh
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
