Multicast Security (MSEC) WG IETF-55, Atlanta, GA Tue, Nov 19 - PowerPoint PPT Presentation



SLIDE 1

MSEC IETF-55

Multicast Security (MSEC) WG

IETF-55, Atlanta, GA, Tue, Nov 19, 2002, 9:00 – 11:30

SLIDE 2

MSEC Agenda

  • Agenda Bashing (5min)
  • Review of WG Status (T. Hardjono / R. Canetti) (15min)
  • MIKEY (E. Carrara / F. Lindholm) (15min)
  • MESP draft (M. Baugher) (15min)
  • TESLA Overview (M. Baugher) (15min)
  • Key Management Arch (L. Dondeti / M. Baugher) (15min)
  • MIKEY-DHHMAC (M. Euchner) (15min)
  • IPsec signatures (B. Weis) (15min)
  • Updates: (20min)
    – GDOI update (B. Weis / L. Dondeti)
    – GSAKMP Update (H. Harney)
  • Discussion (20min)
    – Need to update Charter

SLIDE 3

MSEC Status Review IETF-55

Thomas Hardjono

SLIDE 4

Non-expired MSEC documents

  • Drafts:
    – draft-ietf-msec-gkmarch-03.txt
    – draft-ietf-msec-gsakmp-light-sec-01.txt
    – draft-ietf-msec-mesp-00.txt
    – draft-ietf-msec-tesla-spec-00.txt
    – draft-ietf-msec-mikey-dhhmac-01.txt

  • WG Last Call:
    – draft-ietf-msec-gdoi-06.txt
    – draft-ietf-msec-mikey-05.txt

SLIDE 5

MSEC drafts tree

[Figure: MSEC drafts tree. Node labels: MSEC Security Requirements, MSEC Architecture, MSEC Charter, Token Def., TESLA w. A/MESP, GKM Architecture, Transforms, Policy Architecture, (Algorithms), GSAKMP, GDOI, TESLA alg., LKH/OFT]

SLIDE 6

High-Level Drafts

  • MSEC Requirements
    – (Based on draft-irtf-smug-taxonomy-01.txt)
    – Owner: Canetti et al.
    – Aim: Informational
    – Status: (upcoming)

  • MSEC Architecture
    – Currently: draft-ietf-msec-arch-00.txt
    – Owner: Hardjono / Weis
    – Aim: Informational
    – Status: Work in Progress

SLIDE 7

MSEC drafts tree

[Figure: MSEC drafts tree, repeated from slide 5]

SLIDE 8

Architecture / Functionalities

  • Multicast ESP (MESP):
    – Currently: draft-ietf-msec-mesp-00.txt
    – Owner: Canetti et al.
    – Aim: Standards
    – Status: Work in Progress

  • Group Key Management Architecture
    – Currently: draft-ietf-msec-gkmarch-03.txt
    – Owner: Baugher et al.
    – Aim: Standards
    – Status: Work in Progress

SLIDE 9

Architecture / Functionalities (cont)

  • Group Security Policy Architecture
    – Based on:
        • draft-irtf-smug-polreq-00.txt
        • draft-irtf-smug-mcast-policy-00.txt
        • draft-ietf-msec-gspt-01.txt
    – Owner: ?
    – Status:
        • Only GSPT draft has been submitted to MSEC
            – Expired
    – Comments:
        • Need to investigate relationship of group-security-policy with other WGs in the IETF
        • Needs someone to drive this. (See last slide)

SLIDE 10

MSEC drafts tree

[Figure: MSEC drafts tree, repeated from slide 5]

SLIDE 11

GKM Protocols

  • Group DOI (GDOI):
    – Currently: draft-ietf-msec-gdoi-06.txt
    – Owner: Weis et al.
    – Aim: Standards
    – Status: finished Last Call (issued 1/18/2002)

  • MIKEY
    – Currently: draft-ietf-msec-mikey-05.txt
    – Owner: Lindholm et al.
    – Aim: Standards
    – Status: finished Last Call (issued 8/28/2002)

  • GSAKMP-Light
    – Currently: draft-ietf-msec-gsakmp-light-sec-01.txt
    – Owner: Harney et al.
    – Aim: Standards
    – Status: Work in Progress

SLIDE 12

MSEC drafts tree

[Figure: MSEC drafts tree, repeated from slide 5]

SLIDE 13

Protocols & Algorithms (cont)

  • TESLA with A/MESP:
    – Specific usage of TESLA with A/MESP
    – Owner: Canetti / Perrig
    – Status: to be submitted to MSEC (?)

  • TESLA algorithm
    – Currently: draft-ietf-msec-tesla-spec-00.txt
    – Owner: Perrig / Canetti
    – Aim: Standards
    – Status: Work in Progress

  • DHHMAC for MIKEY
    – Currently: draft-ietf-msec-dhhmac-00.txt
    – Owner: Euchner
    – Aim: Informational or Standards
    – Status: Work in Progress

SLIDE 14

Protocols & Algorithms (cont)

  • LKH/OFT algorithm:
    – Based on:
        • draft-irtf-smug-groupkeymgmt-oft-00.txt (OFT)
        • draft-harney-sparta-lkhp-sec-00.txt (LKH)
    – Owner: Dondeti / McGrew
    – Status:
        • to be written; algorithm only, independent of any key management protocols

  • Policy Token definition & structure
    – Based on draft-ietf-msec-gspt-01.txt
    – Status:
        • GSAKMP PT may not cover all info required for session and membership management
    – Owner: open?, maybe based on GSAKMP policy token

SLIDE 15

Open Issues

  • GSAKMP to Informational:
    – Background & supplement for implementers of GSAKMP-Light
    – Preserved for historical purposes
    – Maybe of interest to external (non-IETF) organizations

SLIDE 16

END