The Group Domain of Interpretation (RFC3547)

IP.com Disclosure Number: IPCOM000016594D
Original Publication Date: 2003-Jul-01
Included in the Prior Art Database: 2003-Jul-02

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Baugher: AUTHOR [+4]

Abstract

This document presents an ISAKMP Domain of Interpretation (DOI) for group key management to support secure group communications. The GDOI manages group security associations, which are used by IPSEC and potentially other data security protocols running at the IP or application layers. These security associations protect one or more key-encrypting keys, traffic-encrypting keys, or data shared by group members.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 3% of the total text.

Network Working Group                                         M. Baugher
Request for Comments: 3547                                       B. Weis
Category: Standards Track                                          Cisco
                                                             T. Hardjono
                                                                Verisign
                                                               H. Harney
                                                                  Sparta
                                                               July 2003

                   The Group Domain of Interpretation

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

   This document presents an ISAKMP Domain of Interpretation (DOI) for
   group key management to support secure group communications.  The
   GDOI manages group security associations, which are used by IPSEC and
   potentially other data security protocols running at the IP or
   application layers.  These security associations protect one or more
   key-encrypting keys, traffic-encrypting keys, or data shared by group
   members.

Table of Contents

   1.  Introduction
       1.1.  GDOI Applications
       1.2.  Extending GDOI
   2.  GDOI Phase 1 protocol
       2.1.  ISAKMP Phase 1 protocol
             2.1.1.  DOI value
             2.1.2.  UDP port
   3.  GROUPKEY-PULL Exchange
       3.1.  Authorization
       3.2.  Messages
             3.2.1.  Perfect Forward Secrecy
             3.2.2.  ISAKMP Header Initialization
