Protocol Action: 'Group Security Policy Token v1' to Proposed Standard
The IESG <iesg-secretary@ietf.org> Thu, 26 January 2006 17:25 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F2Ary-0005Cg-60; Thu, 26 Jan 2006 12:25:14 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F2Aru-000594-Py; Thu, 26 Jan 2006 12:25:11 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA06973; Thu, 26 Jan 2006 12:23:37 -0500 (EST)
Received: from [132.151.6.50] (helo=newodin.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1F2B1u-0005F6-PE; Thu, 26 Jan 2006 12:35:30 -0500
Received: from apache by newodin.ietf.org with local (Exim 4.43) id 1F2Ars-0002TV-VO; Thu, 26 Jan 2006 12:25:08 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1F2Ars-0002TV-VO@newodin.ietf.org>
Date: Thu, 26 Jan 2006 12:25:08 -0500
X-Spam-Score: 0.0 (/)
X-Scan-Signature: c1c65599517f9ac32519d043c37c5336
Cc: msec chair <canetti@watson.ibm.com>, msec mailing list <msec@securemulticast.org>, Internet Architecture Board <iab@iab.org>, msec chair <ldondeti@qualcomm.com>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Group Security Policy Token v1' to Proposed Standard
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Sender: ietf-announce-bounces@ietf.org
Errors-To: ietf-announce-bounces@ietf.org
The IESG has approved the following document: - 'Group Security Policy Token v1 ' <draft-ietf-msec-policy-token-sec-06.txt> as a Proposed Standard This document is the product of the Multicast Security Working Group. The IESG contact persons are Russ Housley and Sam Hartman. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-msec-policy-token-sec-06.txt Technical Summary MSEC recognizes three major aspects to multicast and group security: key management, source authentication and group policy. The Group Security Policy Token (GSPT) is a structure used to specify the security policy and configurable parameters for a secure multicast group. In the unicast case, point-to-point security association parameters are negotiated, but in groups the group owner specifies the policy unilaterally via, for instance, a GSPT. Some of the attributes within a GSPT include group membership policy, rekeying policy, and data security policy. A key management protocol such as GSAKMP (or GDOI), TESLA, and the GSPT comprise a complete group security solution. Working Group Summary The GSPT is a generic structure that can be used with any key management system. GSAKMP uses it, whereas GDOI uses SA proposal and transform payloads similar to those in IKE for a similar purpose; however, the GSPT can also be used with GDOI. GSPT is a product of the MSEC WG. There was no significant opposition to GSPT as a work item or to its structure. There was healthy debate on the nuts and bolts of the specification. Protocol Quality There are at least two implementations: one by SPARTA and another by IdentAware. Both implementations use GSAKMP as the key management protocol. The policy token itself has been reviewed closely by the implementors and the MSEC WG. This document was reviewed by Russ Housley for the IESG. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce