New draft relevant to SRP

[David Jablon <dpj@world.std.com>]

A new draft that is relevant to the SRP authentication protocol
is available at:
http://search.ietf.org/internet-drafts/draft-jablon-speke-00.txt

SRP, as defined in RFC2945, and referenced in draft-ietf-ips-security-11.txt,
has technical and IP issues, that are addressed in this draft.

    Title       : The SPEKE Password-Based Key Agreement Methods
    Author(s)   : D. Jablon
    Filename    : draft-jablon-speke-00.txt
    Pages       : 25
    Date        : 13-Feb-02
        
This document describes SPEKE, B-SPEKE, and SRP-4, three methods for
password-based key agreement and authentication. In the same class of
techniques as SRP-3 [RFC 2945], these methods provide a zero-knowledge
proof of a password and authenticate session keys over an unprotected
channel, with minimal dependency on infrastructure and proper user
behavior. These methods are compatible with IEEE 1363 and ANSI X9
standards, and are closely aligned with RFC 2945 from an application
perspective. They are also based on different fundamental techniques than
earlier patented alternatives, providing an expanded set of choices for
convenient and secure personal authentication over the Internet. 

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-jablon-speke-00.txt

-- David

---------------------------------------------------
David Jablon
dpj@world.std.com
tel: 508 898 9024