multicast security msec wg

Multicast Security (MSEC) WG IETF-55, Atlanta, GA Tue, Nov 19, - PowerPoint PPT Presentation



  1. Multicast Security (MSEC) WG
     IETF-55, Atlanta, GA
     Tue, Nov 19, 2002, 9:00 – 11:30
     IETF-55 MSEC

  2. MSEC Agenda
     • Agenda Bashing (5min)
     • Review of WG Status (T. Hardjono / R. Canetti) (15min)
     • MIKEY (E. Carrara / F. Lindholm) (15min)
     • MESP draft (M. Baugher) (15min)
     • TESLA Overview (M. Baugher) (15min)
     • Key Management Arch (L. Dondeti / M. Baugher) (15min)
     • MIKEY-DHHMAC (M. Euchner) (15min)
     • IPsec signatures (B. Weis) (15min)
     • Updates: (20min)
       – GDOI update (B. Weis / L. Dondeti)
       – GSAKMP Update (H. Harney)
     • Discussion (20min)
       – Need to update Charter

  3. MSEC Status Review
     IETF-55
     Thomas Hardjono

  4. Non-expired MSEC documents
     • Drafts:
       – draft-ietf-msec-gkmarch-03.txt
       – draft-ietf-msec-gsakmp-light-sec-01.txt
       – draft-ietf-msec-mesp-00.txt
       – draft-ietf-msec-tesla-spec-00.txt
       – draft-ietf-msec-mikey-dhhmac-01.txt
     • WG Last Call:
       – draft-ietf-msec-gdoi-06.txt
       – draft-ietf-msec-mikey-05.txt

  5. MSEC drafts tree (diagram): MSEC Charter; MSEC Security Requirements; MSEC Architecture; Transforms (Algorithms); GKM Architecture; Policy Architecture; GDOI; GSAKMP; TESLA alg.; TESLA w. A/MESP; Token Def.; LKH/OFT

  6. High-Level Drafts
     • MSEC Requirements
       – (Based on draft-irtf-smug-taxonomy-01.txt)
       – Owner: Canetti et al.
       – Aim: Informational
       – Status: (upcoming)
     • MSEC Architecture
       – Currently: draft-ietf-msec-arch-00.txt
       – Owner: Hardjono / Weis
       – Aim: Informational
       – Status: Work in Progress

  7. MSEC drafts tree (diagram): MSEC Charter; MSEC Security Requirements; MSEC Architecture; Transforms (Algorithms); GKM Architecture; Policy Architecture; GDOI; GSAKMP; TESLA alg.; TESLA w. A/MESP; Token Def.; LKH/OFT

  8. Architecture / Functionalities
     • Multicast ESP (MESP):
       – Currently: draft-ietf-msec-mesp-00.txt
       – Owner: Canetti et al.
       – Aim: Standards
       – Status: Work in Progress
     • Group Key Management Architecture
       – Currently: draft-ietf-msec-gkmarch-03.txt
       – Owner: Baugher et al.
       – Aim: Standards
       – Status: Work in Progress

  9. Architecture / Functionalities (cont)
     • Group Security Policy Architecture
       – Based on:
         • draft-irtf-smug-polreq-00.txt
         • draft-irtf-smug-mcast-policy-00.txt
         • draft-ietf-msec-gspt-01.txt
       – Owner: ?
       – Status:
         • Only GSPT draft has been submitted to MSEC – Expired
       – Comments:
         • Need to investigate relationship of group-security-policy with other WGs in the IETF
         • Needs someone to drive this. (See last slide)

  10. MSEC drafts tree (diagram): MSEC Charter; MSEC Security Requirements; MSEC Architecture; Transforms (Algorithms); GKM Architecture; Policy Architecture; GDOI; GSAKMP; TESLA alg.; TESLA w. A/MESP; Token Def.; LKH/OFT

  11. GKM Protocols
      • Group DOI (GDOI):
        – Currently: draft-ietf-msec-gdoi-06.txt
        – Owner: Weis et al.
        – Aim: Standards
        – Status: finished Last Call (issued 1/18/2002)
      • MIKEY
        – Currently: draft-ietf-msec-mikey-05.txt
        – Owner: Lindholm et al.
        – Aim: Standards
        – Status: finished Last Call (issued 8/28/2002)
      • GSAKMP-Light
        – Currently: draft-ietf-msec-gsakmp-light-sec-01.txt
        – Owner: Harney et al.
        – Aim: Standards
        – Status: Work in Progress

  12. MSEC drafts tree (diagram): MSEC Charter; MSEC Security Requirements; MSEC Architecture; Transforms (Algorithms); GKM Architecture; Policy Architecture; GDOI; GSAKMP; TESLA alg.; TESLA w. A/MESP; Token Def.; LKH/OFT

  13. Protocols & Algorithms (cont)
      • TESLA with A/MESP:
        – Specific usage of TESLA with A/MESP
        – Owner: Canetti / Perrig
        – Status: to be submitted to MSEC (?)
      • TESLA algorithm
        – Currently: draft-ietf-msec-tesla-spec-00.txt
        – Owner: Perrig / Canetti
        – Aim: Standards
        – Status: Work in Progress
      • DHHMAC for MIKEY
        – Currently: draft-ietf-msec-dhhmac-00.txt
        – Owner: Euchner
        – Aim: Informational or Standards
        – Status: Work in Progress

  14. Protocols & Algorithms (cont)
      • LKH/OFT algorithm:
        – Based on:
          • draft-irtf-smug-groupkeymgmt-oft-00.txt (OFT)
          • draft-harney-sparta-lkhp-sec-00.txt (LKH)
        – Owner: Dondeti / McGrew
        – Status:
          • to be written; algorithm only, independent of any key management protocols
      • Policy Token definition & structure
        – Based on draft-ietf-msec-gspt-01.txt
        – Status:
          • GSAKMP PT may not cover all info required for session and membership management
        – Owner: open?, maybe based on GSAKMP policy token

  15. Open Issues
      • GSAKMP to Informational:
        – Background & supplement for implementers of GSAKMP-Light
        – Preserved for historical purposes
        – Maybe of interest to external (non-IETF) organizations

  16. END
