IPSEC KEYing information resource record BOF (ipseckey) Tuesday, November 19 at 1545-1645 ================================= CHAIRS: Michael Richardson Olafur Gudmundsson MAILING LIST: ipseckey-request@sandelman.ca Archive: http://www.sandelman.ca/lists/html/ipseckey/ DESCRIPTION: IP security public KEY in DNS (ipseckey) This effort has a goal of designing a resource record for the domain name system (DNS) to replace the functionality of the IPSEC sub-type of the KEY resource record. Sub-types of the KEY resource record are being obsoleted by the dnsext WG as part of the revision of the DNSSEC standard. A replacement is sought. The scope of work is to identify what information is needed in a IPSEC specific keying resource record. The contents of the resource record are not limited to only the information that is in the DNS KEY record but also contains usefull IPSEC information information. The general problems of key management, and semantic content of the data stored in the resource record is beyond the scope of this effort. This effort is limited to syntactic issues only. Semantics of the contained information is left to future deployment documents to define. The resulting resource record should be easily extensible for new uses. This effort is specific to providing IPSEC information in DNS. All other distributed databases are out of scope. PROPOSED SCHEDULE DEC 02 Solicit various proposals on what information is needed in IPSEC specific KEYing record. FEB 02 First draft of consensus RR proposal APR 02 Advance Document to IESG AGENDA: 1. Open meeting and welcome 2. Scribe and blue sheet 3. Introduction Michael Richardson 4. Documents 4.1 Why KEY is being obsoleted. Dan Massey www.ietf.org/internet-drafts/draft-ietf-dnsext-restrict-key-for-dnssec-04.txt 4.2 Requirements. 4.3 Any IPSECKEY proposal that have shown up by Atlanta. 5. open mike 6. Charter discussion 7. schedule discussion 8. Next step.