Security Area Director: o Jeff Schiller: jis@mit.edu Area Summary reported by Jeff Schiller/MIT and Jim Galvin/TIS The Security Area within the IETF is responsible for development of security oriented protocols, security review of RFCs, development of candidate policies, and review of operational security in the Internet. Jeff Schiller took over as area director from Steve Crocker at the end of the IETF meeting. Steve joined the IAB at the same time. Steve and Jeff worked closely throughout this IETF meeting in order to best facilitate the transition. The PEM Working Group is being reorganized (see summary below). Specifically it will focus its work on completing the current PEM-MIME specification. A new working group (as yet not chartered) will form to discuss various possible methods of distributing keys, both for use with PEM-MIME as well as other protocols that can benefit from a key distribution infrastructure. Much of the work of the Security Area is performed in coordination with working groups in other areas. The Security Area Advisory Group (SAAG) is a group of security experts which provides both consulting help to other areas and direct management of working groups within the Security Area. The main bulk of the work for SAAG consists of a set of formal work items. These work items correspond to working groups within the IETF Security Area, security-relevant developments within working groups in areas other than Security, and internal SAAG work items which do not merit the creation of formal working groups but which do need some level of attention. Following the SAAG minutes is a status report for each of the working groups officially chartered or initiated within the Security Area. Immediately following those reports is an update on other security issues as well as security-related work in other IETF areas. Security Area Advisory Group (SAAG) The Security Area Advisory Group met twice during the March 1994 Seattle IETF. Individual work items were reviewed and are reported below. Each of the work items were updated in April 1994 with the exception of export control issues and routing security plan, which were updated in March 1994. In addition, the following topics were discussed: o General Security awareness at this IETF was at an all-time high. Many more people believe we need security but observe the inconvenience experienced by users. We need an Internet architecture that provides for security in a cogent and uniform way. Two areas that deserve special attention are one-time passwords and firewalls, discussed below. It was also noted that security is an area that does not quite fit the Internet procedural model. In particular, rough consensus and running code are insufficient tests of completeness and accuracy for security protocols. We must continue to keep this in mind and explore ways in which we can evaluate security protocols. Finally, it was noted that the report from the IAB retreat contains a number of short-term recommendations for the Internet community. Our new Security Area Director will schedule some time for discussion of these recommendations at the next meeting. o One-Time Passwords It is obvious that allowing passwords to repeatedly appear in the clear on networks is a serious vulnerability. It is time to deprecate the usage of cleartext passwords and proactively assert the usage of one-time passwords. This conclusion represents a strategic direction of the Internet Security Area. There are at least three technologies available in this area: S/Key, challenge-response cards, and SecureID. Phil Karn and Bill Simpson agreed to draft a document describing S/Key. Len Zorn agreed to draft a description of Digital Pathways, a challenge-response card. It was also noted that the use of one-time passwords should become an integral part of direct access protocols, for example, TELNET, FTP, and PPP. o Firewalls The use of firewalls in the Internet is becoming more popular as a means by which sites can protect themselves from attack. However, there is very little guidance as to how to best make use of a firewall, in particular where and how a firewall fits in a security architecture. It was noted that John Wack is the point of contact at NIST for a document they are preparing that may discuss some of these issues. Barbara Fraser agreed to contact John and determine the status of their document. Authorization and Access Control Working Group (AAC) The authorization and access control draft that exists will be revised and receive a final working group review in Toronto before being submitted for publication as an Informational document. At that time, the charter of the working group will be revised. Common Authentication Technology Working Group (CAT) The status of ongoing GSS-API and application development and testing was reviewed; there are now two independent Kerberos V5 GSS-API implementations. Various demonstration applications have been implemented in order to validate interoperability and in preparation for advancing RFCs 1508-1510 to Draft Standard status. The group believes that the FTP Security Internet-Draft is ready for advancement to Proposed Standard. Commercial Internet Protocol Security Option Working Group (CIPSO) No progress to report. Internet Protocol Security Protocol Working Group (IPSEC) Minutes not received in time for inclusion. Network Access Server Requirements (NASREQ) An authentication and authorization model document has been distributed. It will be revised and submitted for publication as an Informational document. At that time, the working group will be concluded. Privacy-Enhanced Electronic Mail Working Group (PEM) Discussions of certificate trust will be continued in new working groups. This working group will focus on the PEM and MIME integration document, which was distributed and reviewed at this meeting. Some minor revisions are required and will be distributed for final review by the Toronto IETF. TELNET Working Group (TELNET) - Applications Area No progress to report. Domain Name System Security Working Group (DNSSEC) - Service Applications Area The proposed security enhancements drafted by Donald Eastlake and Charlie Kaufman were reviewed. The desired requirements specified at the Houston meeting were reviewed, followed by a presentation and discussion of the proposal. A number of issues were identified, with a disposition proposed for each. In particular, resolution on a few was deferred until after implementation experience was available. Trusted Network File Systems Working Group (TNFS) - Service Applications Area A document is nearing completion that will be submitted for publication as a Proposed Standard. This group meets principally under the auspices of the Trusted Systems Interoperability Group (TSIG). Audio/Video Transport Working Group (AVT) - Transport Area Minutes not received in time for inclusion. Integrated Directory Services Working Group (IDS) - User Services Area Minutes not received in time for inclusion. Clipper Status This work item was created at the Seattle IETF to track this activity. There is no consensus at this time as to whether the IETF should be concerned about Clipper activities. Export Control Issues It was reported that cryptographic algorithm descriptions may be published in books and exported without a license. A brief report was presented by several people on the status of Clipper, although there was no consensus on whether the IETF should be concerned about it. Firewalls This work item was created at the Seattle IETF to produce firewall documents. It was reported that NIST is producing a document describing the use of firewalls. John Wack at NIST will be contacted to find out the status of the document. Key Management Strategies It was reported that Steve Bellovin and Dave Solo have produced a document discussing key management issues. The status of this document will be checked on for the Toronto IETF. IP: Next Generation An IPng Directorate has been formed to track and evaluate the IPng proposals. Steve Bellovin is a member of the directorate representing the Security Area. IRC A document in RFC format exists that purports to document this protocol. Current usage suggests that authentication will need to be integrated with this protocol. At this time, this work item exists principally to track this activity. ITAR Publication It has been proposed that an on-line version of the US International Traffic in Arms Regulations (ITAR) be created as soon as it has been published in the Federal Register, probably as an Informational RFC. Mobile IP Security Previously, this work item was for tracking the distribution of a weak security mechanism that could be used until IP security is available. This is now considered counter-productive and this work item was officially closed at the Seattle IETF. One-Time Passwords This work item was created to track the production of documents describing one-time password schemes available in the Internet today. Random Number Generation Issues A revised Internet-Draft will be prepared and submitted for publication as an Informational RFC. Routing Security Plan A draft document will be prepared for the Toronto IETF summarizing the authentication/integrity issues in routing. Security Area Architecture This work item is for tracking the PSRG security architecture document. Portions of the document are expected to be distributed later this year to its contributors for review. Broader distribution is expected by late this year. Site Security Handbook This work item was created at the Seattle IETF to begin the revision of the Site Security Handbook (RFC 1244). A draft list of suggestions for areas requiring work will be presented at the Toronto IETF. Sun RPC Security This work item was created at the Seattle IETF to begin the security review of Sun RPC. Working Group Liaison Checklist The draft checklist is to be redistributed to the SAAG mailing list for review.