--- 1/draft-ietf-lisp-ecdsa-auth-04.txt 2021-03-22 13:38:23.863188467 -0700 +++ 2/draft-ietf-lisp-ecdsa-auth-05.txt 2021-03-22 13:38:23.899189362 -0700 @@ -1,19 +1,19 @@ Network Working Group D. Farinacci Internet-Draft lispers.net Intended status: Experimental E. Nordmark -Expires: March 17, 2021 Zededa - September 13, 2020 +Expires: September 9, 2021 Zededa + March 8, 2021 LISP Control-Plane ECDSA Authentication and Authorization - draft-ietf-lisp-ecdsa-auth-04 + draft-ietf-lisp-ecdsa-auth-05 Abstract This draft describes how LISP control-plane messages can be individually authenticated and authorized without a a priori shared- key configuration. Public-key cryptography is used with no new PKI infrastructure required. Status of This Memo 
@@ -23,25 +23,25 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on March 17, 2021. + This Internet-Draft will expire on September 9, 2021. Copyright Notice - Copyright (c) 2020 IETF Trust and the persons identified as the + Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as 
@@ -61,29 +61,30 @@ 10. Signed Map-Notify Encoding . . . . . . . . . . . . . . . . . 10 11. Other Uses . . . . . . . . . . . . . . . . . . . . . . . . . 10 12. EID Authorization . . . . . . . . . . . . . . . . . . . . . . 11 13. Security Considerations . . . . . . . . . . . . . . . . . . . 13 14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 15.1. Normative References . . . . . . . . . . . . . . . . . . 13 15.2. Informative References . . . . . . . . . . . . . . . . . 15 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . 15 Appendix B. Document Change Log . . . . . . . . . . . . . . . . 16 - B.1. Changes to draft-ietf-lisp-ecdsa-auth-04 . . . . . . . . 16 - B.2. Changes to draft-ietf-lisp-ecdsa-auth-03 . . . . . . . . 16 - B.3. Changes to draft-ietf-lisp-ecdsa-auth-02 . . . . . . . . 16 - B.4. Changes to draft-ietf-lisp-ecdsa-auth-01 . . . . . . . . 16 - B.5. Changes to draft-ietf-lisp-ecdsa-auth-00 . . . . . . . . 16 - B.6. Changes to draft-farinacci-lisp-ecdsa-auth-03 . . . . . . 16 - B.7. Changes to draft-farinacci-lisp-ecdsa-auth-02 . . . . . . 17 - B.8. Changes to draft-farinacci-lisp-ecdsa-auth-01 . . . . . . 17 - B.9. Changes to draft-farinacci-lisp-ecdsa-auth-00 . . . . . . 17 + B.1. Changes to draft-ietf-lisp-ecdsa-auth-05 . . . . . . . . 16 + B.2. Changes to draft-ietf-lisp-ecdsa-auth-04 . . . . . . . . 16 + B.3. Changes to draft-ietf-lisp-ecdsa-auth-03 . . . . . . . . 16 + B.4. Changes to draft-ietf-lisp-ecdsa-auth-02 . . . . . . . . 16 + B.5. Changes to draft-ietf-lisp-ecdsa-auth-01 . . . . . . . . 16 + B.6. Changes to draft-ietf-lisp-ecdsa-auth-00 . . . . . . . . 16 + B.7. Changes to draft-farinacci-lisp-ecdsa-auth-03 . . . . . . 16 + B.8. Changes to draft-farinacci-lisp-ecdsa-auth-02 . . . . . . 17 + B.9. Changes to draft-farinacci-lisp-ecdsa-auth-01 . . . . . . 17 + B.10. Changes to draft-farinacci-lisp-ecdsa-auth-00 . . . . . . 17 Authors' Addresses . 
. . . . . . . . . . . . . . . . . . . . . . 17 1. Introduction The LISP architecture and protocols [RFC6830] introduces two new numbering spaces, Endpoint Identifiers (EIDs) and Routing Locators (RLOCs) which provide an architecture to build overlays on top of the underlying Internet. Mapping EIDs to RLOC-sets is accomplished with a Mapping Database System. EIDs and RLOCs come in many forms than just IP addresses, using a general syntax that includes Address 
@@ -594,118 +595,124 @@ . 15.2. Informative References [AFI] "Address Family Identifier (AFIs)", ADDRESS FAMILY NUMBERS http://www.iana.org/assignments/address-family- numbers/address-family-numbers.xhtml?, February 2007. [I-D.farinacci-lisp-geo] Farinacci, D., "LISP Geo-Coordinate Use-Cases", draft- - farinacci-lisp-geo-09 (work in progress), April 2020. + farinacci-lisp-geo-10 (work in progress), October 2020. [I-D.farinacci-lisp-name-encoding] Farinacci, D., "LISP Distinguished Name Encoding", draft- - farinacci-lisp-name-encoding-10 (work in progress), August - 2020. + farinacci-lisp-name-encoding-11 (work in progress), + November 2020. [I-D.ietf-lisp-pubsub] Rodriguez-Natal, A., Ermagan, V., Cabellos-Aparicio, A., Barkai, S., and M. Boucadair, "Publish/Subscribe - Functionality for LISP", draft-ietf-lisp-pubsub-06 (work - in progress), July 2020. + Functionality for LISP", draft-ietf-lisp-pubsub-07 (work + in progress), January 2021. [I-D.ietf-lisp-rfc6833bis] Farinacci, D., Maino, F., Fuller, V., and A. Cabellos- Aparicio, "Locator/ID Separation Protocol (LISP) Control- - Plane", draft-ietf-lisp-rfc6833bis-28 (work in progress), - July 2020. + Plane", draft-ietf-lisp-rfc6833bis-30 (work in progress), + November 2020. [I-D.ietf-lisp-sec] Maino, F., Ermagan, V., Cabellos-Aparicio, A., and D. - Saucez, "LISP-Security (LISP-SEC)", draft-ietf-lisp-sec-21 - (work in progress), July 2020. + Saucez, "LISP-Security (LISP-SEC)", draft-ietf-lisp-sec-22 + (work in progress), January 2021. [X9.62] "Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)", NIST ANSI X9.62-2005, November 2005. Appendix A. Acknowledgments A special thanks goes to Sameer Merchant and Colin Cantrell for their ideas and technical contributions to the ideas in this draft. Appendix B. Document Change Log [RFC Editor: Please delete this section on publication as RFC.] -B.1. Changes to draft-ietf-lisp-ecdsa-auth-04 +B.1. 
Changes to draft-ietf-lisp-ecdsa-auth-05 + + o Posted March 2021. + + o Update references and document timer. + +B.2. Changes to draft-ietf-lisp-ecdsa-auth-04 o Posted September 2020. o Update references and document timer. -B.2. Changes to draft-ietf-lisp-ecdsa-auth-03 +B.3. Changes to draft-ietf-lisp-ecdsa-auth-03 o Posted March 2020. o Update references and document timer. -B.3. Changes to draft-ietf-lisp-ecdsa-auth-02 +B.4. Changes to draft-ietf-lisp-ecdsa-auth-02 o Posted September 2019. o Update references and document timer. -B.4. Changes to draft-ietf-lisp-ecdsa-auth-01 +B.5. Changes to draft-ietf-lisp-ecdsa-auth-01 o Posted March IETF week 2019. o Update references and document timer. -B.5. Changes to draft-ietf-lisp-ecdsa-auth-00 +B.6. Changes to draft-ietf-lisp-ecdsa-auth-00 o Posted mid-September 2018. o Make draft-farinacci-lisp-ecdsa-auth-03 a LISP working group docuemnt. -B.6. Changes to draft-farinacci-lisp-ecdsa-auth-03 +B.7. Changes to draft-farinacci-lisp-ecdsa-auth-03 o Posted September 2018. o Change all occurrences of signature-EID to signature-ID. o Document how Map-Servers sign Map-Notify messages so they can be verified by xTRs. o Add multi-signatures to mappings so a 3rd-party can allow an entity to register any type of EID. -B.7. Changes to draft-farinacci-lisp-ecdsa-auth-02 +B.8. Changes to draft-farinacci-lisp-ecdsa-auth-02 o Draft posted April 2018. o Generalize text to allow Map-Requesting and Map-Registering for any EID type with a proper signature-EID and signature encoded together. -B.8. Changes to draft-farinacci-lisp-ecdsa-auth-01 +B.9. Changes to draft-farinacci-lisp-ecdsa-auth-01 o Draft posted October 2017. o Make it more clear what values and format the EID hash is run over. o Update references to newer RFCs and Internet Drafts. -B.9. Changes to draft-farinacci-lisp-ecdsa-auth-00 +B.10. Changes to draft-farinacci-lisp-ecdsa-auth-00 o Initial draft posted July 2017. Authors' Addresses Dino Farinacci lispers.net San Jose, CA USA
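Review bot: In the first hunk (@@ -1,19 +1,19 @@), the abstract context line "without a a priori shared- key configuration" reads as a doubled article and is carried into -05 unchanged. Since the header is already being touched for the version and date bump, consider "without a priori shared-key configuration", and "no new PKI required" in place of "no new PKI infrastructure required", which repeats the word the acronym already contains.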
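Review bot: In the table-of-contents hunk (@@ -61,29 +61,30 @@), the trailing Introduction context still has two grammar slips that this revision leaves in place: "The LISP architecture and protocols [RFC6830] introduces" has a plural subject with a singular verb, and "come in many forms than just IP addresses" is missing a word. Suggest "introduce" and "come in many more forms than just IP addresses".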
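Review bot: In the references hunk (@@ -594,118 +595,124 @@), [X9.62] sits under "15.2. Informative References" although the document's mechanism is ECDSA signing. Consider whether an implementer can build interoperable signature verification without it, and if not, move it to the normative list while the references are being refreshed. In the same hunk, the [AFI] URL ends in a stray "?" ("address-family-numbers.xhtml?"), and the renumbered B.6 entry still carries the typo "docuemnt".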