From owner-dns-security Tue Mar 2 09:08:07 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id JAA18239 for dns-security-outgoing; Tue, 2 Mar 1999 09:03:39 -0500 (EST) Message-Id: <199903012358.SAA05632@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-simple-update-01.txt Date: Mon, 01 Mar 1999 18:58:10 -0500 Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : Simple Secure Domain Name System (DNS) Dynamic Update Author(s) : B. Wellington Filename : draft-ietf-dnssec-simple-update-01.txt Pages : 5 Date : 26-Feb-99 This draft proposes an alternative method for performing secure Domain Name System (DNS) dynamic updates. The method described here is both simple and flexible enough to represent any policy decisions. Secure communication based on request/transaction signatures [TSIG] is used to provide authentication and authorization. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnssec-simple-update-01.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-simple-update-01.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-simple-update-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19990226124815.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-simple-update-01.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-simple-update-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19990226124815.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Wed Mar 3 08:12:46 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id IAA22678 for dns-security-outgoing; Wed, 3 Mar 1999 08:10:51 -0500 (EST) Message-Id: <199903012358.SAA05632@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:;;;;@tis.com@tis.com;;; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-simple-update-01.txt Date: Mon, 01 Mar 1999 18:58:10 -0500 X-Rcpt-To: aalok@bisquare.com X-UIDL: 12c64160c8d56455c9d09964c540db3f Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : Simple Secure Domain Name System (DNS) Dynamic Update Author(s) : B. Wellington Filename : draft-ietf-dnssec-simple-update-01.txt Pages : 5 Date : 26-Feb-99 This draft proposes an alternative method for performing secure Domain Name System (DNS) dynamic updates. The method described here is both simple and flexible enough to represent any policy decisions. Secure communication based on request/transaction signatures [TSIG] is used to provide authentication and authorization. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnssec-simple-update-01.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-simple-update-01.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-simple-update-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19990226124815.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-simple-update-01.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-simple-update-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19990226124815.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Thu Mar 4 14:24:36 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id OAA00587 for dns-security-outgoing; Thu, 4 Mar 1999 14:17:13 -0500 (EST) Message-Id: <199903041637.LAA00970@torque.pothole.com> X-Authentication-Warning: torque.pothole.com: localhost [127.0.0.1] didn't use HELO protocol To: dns-security@tis.com cc: dee3@torque.pothole.com Subject: urgent minor change in RSA algorithm DNSSEC document Date: Thu, 04 Mar 1999 11:37:22 -0500 From: "Donald E. Eastlake 3rd" X-Mts: smtp Sender: owner-dns-security@ex.tis.com Precedence: bulk I am going to change the description from indicating that you contruct this string starting with 0x01 that is one byte shorter than the modulus to one that says you construct a string starting with 0x0001 that is the same length as the modulus. You would think this would not make any difference and indeed I think it does not if you are doing the arithmetic operations specified in draft-ietf-dnssec-rsa-01.txt. However, if you are using rsaref calls, which many will, I have been told you get different results. To make it easier for people for people to use rsaref and equivalent packages, it seems better to make this minor change... Thanks, Donald ===================================================================== Donald E. Eastlake 3rd +1 914-276-2668 dee3@torque.pothole.com 65 Shindegan Hill Road, RR#1 +1 914-784-7913(work) dee3@us.ibm.com Carmel, NY 10512 USA From owner-dns-security Thu Mar 4 16:56:03 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id QAA01838 for dns-security-outgoing; Thu, 4 Mar 1999 16:55:14 -0500 (EST) Message-Id: <199903042208.RAA12391@clipper.hq.tis.com> Date: Thu, 4 Mar 1999 17:10:49 -0500 (EST) From: John Kelley Reply-To: John Kelley Subject: PLEASE READ: Address of list changing! To: dns-security@tis.com MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: WIHME1vuAxYJJV/LVQqI6A== X-Mailer: dtmail 1.2.1 CDE Version 1.2.1 SunOS 5.6 sun4u sparc Sender: owner-dns-security@ex.tis.com Precedence: bulk PLEASE NOTE! As of March 12 this mailing list will be hosted at lists.tislabs.com. Postings will begin to be sent with this new address as its sender on this date. As of March 26 mail sent to tis.com or ex.tis.com will no longer be received by the server. Please adjust your address books and filters appropriately. You may immediately start using the @lists.tislabs.com address to subscribe, unsubscribe and post. We are sorry for any inconvenience this may cause. The change is required due to changes in our company's mail and DNS infrastructure. -John Kelley -- John C. Kelley Computer Scientist TISLabs at Network Associates, Inc. Glenwood, MD From owner-dns-security Mon Mar 8 10:17:49 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id KAA14597 for dns-security-outgoing; Mon, 8 Mar 1999 10:11:15 -0500 (EST) Message-Id: <199903081509.KAA27080@clipper.hq.tis.com> Date: Mon, 8 Mar 1999 10:11:43 -0500 (EST) From: John Kelley Reply-To: John Kelley Subject: Addendum: Address of list changing To: dns-security@tis.com MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: tG6GcJl1SgAKTzqtOTc/vg== X-Mailer: dtmail 1.2.1 CDE Version 1.2.1 SunOS 5.6 sun4u sparc Sender: owner-dns-security@ex.tis.com Precedence: bulk Further information related to the domain name change coming soon to a list near you: -All subscriber lists will be maintained as-is when the list address changes. (Technically, the server and lists etc., are not physically moving to a different system. The domain name configuration of the current server will be changed. So, literally nothing but the domain name and email addresses will change.) -The list archives will still be available via anonymous ftp. This server will change to ftp.tislabs.com. Ftp.tis.com will work for a time after the change, but it is advisable to start using ftp.tislabs.com asap. Sorry for not including this in my earlier post. -John -- John C. Kelley Computer Scientist TISLabs at Network Associates, Inc. Glenwood, MD From owner-dns-security Wed Mar 10 23:04:08 1999 Received: by portal.ex.tis.com (8.9.1/8.9.1) id WAA27080 for dns-security-outgoing; Wed, 10 Mar 1999 22:58:30 -0500 (EST) Date: Wed, 10 Mar 1999 20:18:55 -0800 (PST) Message-Id: <199903110418.UAA15042@cayman-islands.isi.edu> From: Clifford Neuman To: the-computer-security-community@isi.edu Subject: Workshop on Countering Cyber-Terrorism Reply-to: bcn@isi.edu Sender: owner-dns-security@ex.tis.com Precedence: bulk Countering Cyber-Terrorism June 22-23 Marina del Rey, California A workshop sponsored by the Information Sciences Institute of the University of Southern California Call for Participation Recent studies warn of Cyber-Terrorism and the vulnerability of our computer systems and infrastructure to attack. These reports identify damage that determined, knowledgeable, and well-financed adversaries could inflict on commercial, government, and military systems. Such attacks would have severe consequences for the public, and in particular the economy, which has become dependant on computers and communications infrastructure. The objective of this workshop is to identify things that should be done to improve our ability to detect, protect against, contain, neutralize, mitigate the effects of, and recover from cyber-terrorist attacks. Participants are sought from the computer security, electronic commerce and banking, network infrastructure, military, and counter-terrorism communities, as well as those with experience of cyber-terrorist attacks. Recommendations may suggest research and development or operational measures that can be taken. The workshop is NOT a forum for presentation of the latest security systems, protocols or algorithms. The workshop will address the strategies, framework, and infrastructure required to combine and incrementally deploy such technologies to counter the cyber-terrorist threat. Attendance will be limited to approximately 25 participants. Participants will be selected on the basis of submitted position papers that raise issues for the workshop to discuss, identify threats or countermeasures, or propose strategies or infrastructure to counter the threat of cyber-terrorism. Position papers should be four pages or less in length. Submissions should be sent in e-mail in Word or PDF format, or as ASCII text to cyber-terrorism-ws@isi.edu. Please check the web page http://www.isi.edu/cctws for more information, including a position paper from the organizers which will be available two weeks prior to the submission deadline. Important Dates: Organizer's Paper Available April 5, 1999 Position Papers Due April 19, 1999 Notification of Acceptance May 1, 1999 Revised Position Papers Due May 28, 1999 Position Papers Available on Web June 9 Workshop Dates June 22-23 Organizing Committee: Bob Balzer, Information Sciences Institute, Balzer@isi.edu Thomas Longstaff, CERT Coordination Center, tal@cert.org Don Faatz, the MITRE Corporation, dfaatz@mitre.org Clifford Neuman, Information Sciences Institute, bcn@isi.edu From owner-dns-security Mon Mar 22 12:07:21 1999 Received: by lists.tislabs.com (8.9.1/8.9.1) id MAA18935 Mon, 22 Mar 1999 12:02:29 -0500 (EST) Message-Id: <199903221707.MAA19784@clipper.hq.tis.com> X-Sender: balenson@pop.hq.tis.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Mon, 22 Mar 1999 12:07:28 -0500 To: dns-security@tislabs.com From: "David M. Balenson" Subject: CFP: ISOC Year 2000 Network & Distr. System Security (NDSS 2000) Cc: balenson@tislabs.com Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-dns-security@lists.tislabs.com Precedence: bulk C A L L F O R P A P E R S The Internet Society Year 2000 Network and Distributed System Security Symposium (NDSS 2000) Catamaran Resort Hotel, San Diego, California February 2-4, 2000 IMPORTANT DATES: Paper and panel submissions due: June 16, 1999 Author notification: August 17, 1999 Final versions of papers and panels due: October 15, 1999 GOAL: This symposium aims to foster information exchange among researchers and practitioners of network and distributed system security services. The intended audience includes those who are interested in practical aspects of network and distributed system security, with the focus on actual system design and implementation, rather than theory. A major goal of the symposium is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. The proceedings of the symposium will be published by the Internet Society. Submissions are solicited for, but are not limited to, the following topics: * Secure Electronic Commerce, e.g., payment, barter, EDI, notarization/timestamping, endorsement and licensing. * Intellectual Property Protection: protocols, schemas, implementations, metering, watermarking, other forms of rights management. * Implementation, deployment and management of network security policies. * Integrating Security in Internet protocols: routing, naming, TCP/IP, multicast, network management, and, of course, the Web. * Attack-resistant protocols and services. * Special problems and case studies: e.g. interplay and tradeoffs between security and efficiency, usability, reliability and cost. * Security for collaborative applications and services: tele- and video-conferencing, groupwork, etc. * Fundamental services: authentication, data integrity, confidentiality, authorization, non-repudiation, and availability. * Supporting mechanisms and APIs: key management and certification, revocation, audit trails and accountability. * Integrating security services with system and application security facilities and protocols, e.g., message handling, file transport/access, directories, time synchronization, data base management, boot services, mobile computing. * Security for emerging technologies -- sensor networks, specialized testbeds, wireless/mobile (and ad hoc) networks, personal communication systems, and large heterogeneous distributed systems. * Intrusion Avoidance, Detection, and Response: systems, experiences and architectures * Network Perimeter Controls: firewalls, packet filters, application gateways. BEST PAPER AWARD: A best paper award will be introduced at NDSS 2000. This award will be presented at the symposium to the authors of the best paper to be selected by the program committee. GENERAL CHAIR: Stephen Welke, Trusted Computer Solutions PROGRAM CO-CHAIRS: Gene Tsudik, USC / Information Sciences Institute Avi Rubin, AT&T Labs - Research TUTORIAL CHAIR: Doug Maughan, NSA / DARPA PROGRAM COMMITTEE: Bill Cheswick, Lucent Bell Labs Marc Dacier, IBM Research Zurich Jim Ellis, CMU / CERT Carl Ellison, Intel Ed Felten, Princeton Virgil Gligor, UMD College Park Thomas Hardjono, Bay Networks/Nortel Cynthia Irvine, Naval Postgraduate School Charlie Kaufman, Iris Associates Dave Kormann, AT&T Labs - Research Hugo Krawczyk, Technion and IBM Carl Landwehr, Naval Research Lab Doug Maughan, NSA / DARPA Gary McGraw, Reliable Software Technologies Sandra Murphy, TIS Labs at Network Associates Clifford Neuman, USC / Information Sciences Institute Paul Van Oorschot, Entrust Sami Saydjari, DARPA ISO David Wagner, UC Berkeley Bennet Yee, UC San Diego LOCAL ARRANGEMENTS CHAIR: Thomas Hutton, San Diego Supercomputer Center PUBLICATIONS CHAIR: John Kochmar, SEI PUBLICITY CHAIR: David Balenson, TIS Labs at Network Associates LOGISTICS CHAIR: Carla Rosenfeld, Internet Society REGISTRATIONS CHAIR Beth Strait, Internet Society SUBMISSIONS: The committee invites both technical papers and panel proposals. Technical papers should be at most 20 pages long. Panel proposals should be at most two pages and should describe the topic, identify the panel chair, explain the format of the panel, and list three to four potential panelists. Technical papers will appear in the proceedings. A description of each panel will appear in the proceedings, and may -- at the discretion of the panel chair -- include written position statements from the panelists. Each submission must contain a separate title page with the type of submission (paper or panel), the title or topic, the names of the author(s), organizational affiliation(s), telephone and FAX numbers, postal addresses, e-mail addresses, and must specify the contact author in case of multi-author submissions. The names of authors, affiliations, and other identifying information should appear only on the separate title page. Submissions must be received by June 16, 1999, and must be made via electronic mail in either PostScript or ASCII format. If the committee is unable to print a PostScript submission, a hardcopy will be requested. Therefore, PostScript submissions must arrive well before the deadline. All submissions and program related correspondence (only) should be directed to the program chair: Gene Tsudik USC Information Sciences Institute 4676 Admiralty Way Marina Del Rey, CA 90292 Email: ndss00@isi.edu TEL: +1 (310) 822-1511 ext 329 FAX: +1 (310) 823-6714 Dates, final call for papers, advance program, and registration information will be available soon at the URL: httl//www.isoc.org/ndss2000. Each submission will be acknowledged by e-mail. If acknowledgment is not received within seven days, please contact the program chair as indicated above. Authors and panelists will be notified of acceptance by August 17, 1999. Instructions for preparing camera-ready copy for the proceedings will be sent at that time. The camera-ready copy must be received by October 15, 1999. ---------------------------------------------------------------------- David M. Balenson, Cryptographic Technologies Group TIS Labs at Network Associates, Inc. 3060 Washington Road, Suite 100, Glenwood, MD 21738 USA balenson@tislabs.com; 443-259-2358; fax 301-854-4731 pgp fingerprints FD53 918E 097A 2579 C1A8 34F8 E05D E74F AC1D E184 (DSS/DH) D43B 565B 2C0E 90F4 38BB D9EA 1454 3264 (RSA)