A MONTHLY REVIEW OF RECENT SECURITY RELATED RFCs
TOMORROW'S SECURITY TODAY

Hundreds of new and revised Internet Drafts could indicate where the IETF is going with security standards.

BY Pete Loshin

This summer, the IETF released hundreds of new and revised Internet Drafts. While few ever become RFCs, they do reflect the work and thinking of IETF participants, as well as the directions working groups may take. I've highlighted five of the more interesting drafts that will likely guide future security implementations.
..................................

Tunnel Setup Protocol

Tunnels are everywhere these days, particularly for security. Marc Blanchet, Regis Desmeules and Andre Cormier-the authors of the draft "Tunnel Setup Protocol (TSP)"--work for Viagenie, a Canadian IPv6 and security consultancy. So, it's no surprise that the first application of this generalized protocol for tunnel negotiation is for IPv6 over IPv4 tunnels. This process is documented in the draft "IPv6 Over IPv4 Profile for Tunnel Setup Protocol (TSP)." With increasing emphasis on tunneling, whether IPSec through NAT or IPv6 through IPv4, the generalized approach described in this draft means that security issues related to setting up and maintaining tunnels can be addressed in a single protocol.

..................................

From Information Security, September 2001

Columnist PETE LOSHIN (pete@loshin.com) is a senior editor-at-large for Information Security. He produces the Internet-Standard.com Web site and has authored more than 20 books on Internet protocols and security.