Editor's note: These minutes have not been edited.

37th IETF, San Jose, CA, December 12, 1996

Working Group on One-Time Password Authentication (OTP)

Reported by: Neil Haller (notes recorded by Richard Graveman)

Report on Interoperability Demonstration
----------------------------------------

Advancing a Proposed Standard to Draft Standard requires demonstrating interoperation between two or more independent implementations. A demonstration was held on December 10, 1996 using three servers and four generators. All systems interoperated. A server and a generator were contributed by each of Rus Rashid (representing Bellcore), Corwin, and Phil Servita. An additional generator was supplied by Phil Nesser. All algorithms (MD4, MD5, SHA1, and the alternative dictionary) were demonstrated.

Advancing RFC 1938 to Draft Standard
------------------------------------

The Working Group unanimously agreed that RFC 1938 should be submitted to the IESG for advancement to Draft Standard. During the discussion Neil Haller announced that all changes discussed on the list will be included in the revised document when it is issued as an Internet Draft. Denis Pinkas suggested that the Security Considerations section be expanded to include the limitations of this technology. Denis agreed to write this paragraph and submit it to the mailing list.

OTP Extended Responses
----------------------------------------------------

Craig Metz (author of the I-D) suggested that, for consistency with the keyword "init-word", the keyword specifying hexadecimal format be changed from "init" to "init-hex". Denis Pinkas suggested that, as this response is not likely to be manually entered, the 6-word format was unnecessary. Ran Atkinson said that having both formats was convenient, and Phil Servita said that the implementation of both was straightforward. The working group agreed to go with "init-hex" and "init-word".

Denis Pinkas spoke about the patent status of part of this Internet Draft.
A patent application has been filed by his firm on protecting re-initialization from certain active attacks. He stated that the IETF rules called for fair, reasonable, non-discriminatory and openly specified terms for licensing. The terms he expected, for which he does not yet have formal approval, would be a royalty-free license covering use of the patent only in relation to RFC 1938 (the patent was said to include a variant for Kerberos), conditional on OTP Extended Responses following the standards track, on the requester agreeing to reciprocate, and on a notice being placed on the software and hardware.

Jeff Schiller (Security Area Director) polled the group, and the opinion was that this technology should not be included in the draft. Ran Atkinson added that the value of this addition to the protocol is negligible, as the OTP protocol does not in general defend against active attacks. Neil Haller pointed out that a colleague at Bellcore had proposed another defense against active attacks during re-initialization on which a patent had been filed. There was no "free use" offer, but other reasonable terms would be forthcoming. No one wanted to pursue this further and the issue was dropped.

It was agreed that the author of this I-D be asked to re-post the draft in January with the patented technology removed. It was agreed that if there were no new issues, we would have a working group last call late in January for advancing this draft to Proposed Standard.

OTP Verification Examples
-----------------------------------------------------

It is difficult to verify the correctness of a new OTP implementation without using existing code such as the Bellcore reference implementation. Phil Nesser's draft provides a rich suite of test cases. The current draft contains errors, and Phil agreed to post a corrected document in early January.
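The two technical threads above, the init-hex / init-word re-initialization responses and the need for verification examples, both come down to the same small piece of arithmetic: the RFC 1938 hash-and-fold chain, the hex and six-word output forms, and a server that checks a response against the OTP it last stored. The following is an added illustration, not the Bellcore reference implementation nor any of the generators or servers demonstrated at the meeting. It implements only the MD5 variant (the MD4 and SHA1 folding rules differ and are not shown), returns the six-word form as dictionary indices because the standard 2048-word dictionary is not reproduced, and takes the re-initialization fields as separate parameters rather than reproducing the wire syntax of draft-ietf-otp-ext. The sample passphrase and seed are constructed; the one self-check against a published vector uses the first MD5 example from RFC 2289 Appendix C, the revision of RFC 1938 that eventually carried the verification examples discussed here.

```python
"""RFC 1938 OTP generator and verifier (MD5 variant).

Added illustration only: not the Bellcore reference implementation nor any of
the generators or servers demonstrated at the meeting. Only the MD5 hash and
its 64-bit folding are implemented; the MD4 and SHA1 folding rules differ.
"""
import hashlib


def fold_md5(digest: bytes) -> bytes:
    """Fold a 16-byte MD5 digest to 64 bits by XORing its two 8-byte halves."""
    if len(digest) != 16:
        raise ValueError("MD5 digest expected")
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def otp_step(value: bytes) -> bytes:
    """The one-way function f(): hash the 8-byte OTP and fold the result."""
    return fold_md5(hashlib.md5(value).digest())


def otp_initial(passphrase: str, seed: str) -> bytes:
    """Initial step: hash the lower-cased seed concatenated with the passphrase."""
    return fold_md5(hashlib.md5((seed.lower() + passphrase).encode()).digest())


def otp(passphrase: str, seed: str, count: int) -> bytes:
    """OTP for sequence number `count`: f() applied `count` times to the initial value."""
    value = otp_initial(passphrase, seed)
    for _ in range(count):
        value = otp_step(value)
    return value


def to_hex(value: bytes) -> str:
    """Hexadecimal output form: the 64 folded bits in storage order."""
    return value.hex()


def six_word_indices(value: bytes) -> list:
    """Six-word form as dictionary indices (the 2048-word list is not reproduced).

    A 2-bit checksum, the low two bits of the sum of the 32 two-bit groups of
    the 64-bit value, is appended; the 66 bits are split into six 11-bit
    indices, most significant first.
    """
    n = int.from_bytes(value, "big")
    checksum = sum((n >> (2 * i)) & 3 for i in range(32)) & 3
    bits66 = (n << 2) | checksum
    return [(bits66 >> (11 * (5 - i))) & 0x7FF for i in range(6)]


class OtpServer:
    """Server state: the last accepted OTP and its sequence number."""

    def __init__(self, seed: str, seq: int, last_otp: bytes):
        self.seed, self.seq, self.last_otp = seed.lower(), seq, last_otp

    def challenge(self) -> str:
        """RFC 1938 challenge line: otp-<algorithm> <sequence> <seed>."""
        return f"otp-md5 {self.seq - 1} {self.seed}"

    def verify(self, response: bytes) -> bool:
        """Accept a response for sequence seq-1 iff f(response) equals the stored OTP.

        A replayed response fails: f(replay) is the OTP stored before it was
        accepted, not the one stored now.
        """
        if self.seq <= 0 or otp_step(response) != self.last_otp:
            return False
        self.seq, self.last_otp = self.seq - 1, response
        return True

    def reinitialize(self, current_otp: bytes, new_seed: str,
                     new_seq: int, new_otp: bytes) -> bool:
        """Install a new seed/sequence/OTP only after the current OTP verifies.

        The init-hex / init-word responses carry these same fields; the exact
        wire layout from draft-ietf-otp-ext is not reproduced here. Seeds are
        1 to 16 alphanumeric characters; a reused seed would re-issue passwords
        that have already been spent under this passphrase, so it is refused.
        """
        if not (new_seed.isalnum() and 1 <= len(new_seed) <= 16) or new_seq <= 0:
            return False
        if new_seed.lower() == self.seed:
            return False
        if not self.verify(current_otp):
            return False
        self.seed, self.seq, self.last_otp = new_seed.lower(), new_seq, new_otp
        return True


def rfc_vector_check() -> str:
    """Hex OTP for the first MD5 verification example in RFC 2289 Appendix C."""
    return to_hex(otp("This is a test.", "TeSt", 0))


if __name__ == "__main__":
    # Constructed sample credentials, not taken from the page.
    passphrase, seed = "correct horse battery", "ex1234"
    server = OtpServer(seed, 100, otp(passphrase, seed, 100))
    print(server.challenge())                                # otp-md5 99 ex1234
    response = otp(passphrase, seed, 99)
    print(to_hex(response), six_word_indices(response))
    print(server.verify(response), server.verify(response))  # True False
```

The server never stores anything a client could submit directly: it keeps the OTP for sequence N and accepts only the preimage for N-1, so a captured response is useless once it has been accepted. What this does not do, and what Ran Atkinson's remark above is about, is stop an attacker who sits between generator and server and uses the response before the legitimate client does; the re-initialization path inherits that limit, which is why the current OTP is checked before any new seed is installed.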
The intent is to post a working group last call by January 15, and to include the verification examples as an appendix to the revised RFC 1938.

Documents
---------

RFC 1760, N. Haller, February 1995
RFC 1938, N. Haller & C. Metz, May 1996
draft-ietf-otp-ver-00.txt
draft-ietf-otp-ext-01.txt