Skip to main content

Concluded WG IP Security Protocol (ipsec)

Note: The data for concluded WGs is occasionally incorrect.

WG Name IP Security Protocol
Acronym ipsec
Area Security Area (sec)
State Concluded
Charter charter-ietf-ipsec-01 Approved
Document dependencies
Additional resources Additional IPSEC Web Page
Personnel Chairs Barbara Y. Fraser, Theodore Ts'o
Tech Advisors Angelos D. Keromytis, Tero Kivinen
Mailing list Address ipsec@ietf.org
To subscribe ipsec-request@ietf.org
Archive https://mailarchive.ietf.org/arch/browse/ipsec

Final Charter for Working Group

Note: The Technical Advisor has the task to advice on technical matters
related to all the MIB work in this WG.
Rapid advances in communication technology have accentuated the need for
security in the Internet. The IP Security Protocol Working Group (IPSEC)
will develop mechanisms to protect client protocols of IP. A security
protocol in the network layer will be developed to provide cryptographic
security services that will flexibly support combinations of
authentication, integrity, access control, and confidentiality.

The IPSEC working group will restrict itself to the following short-term
work items to improve the existing key management protocol (IKE) and
IPSEC encapsulation protocols:

  1. Changes to IKE to support NAT/Firewall traversal

  2. Changes to IKE to support SCTP

  3. New cipher documents to support AES-CBC, AES-MAC, SHA-2, and a fast
    AES mode suitable for use in hardware encryptors

  4. IKE MIB documents

  5. Sequence number extensions to ESP to support an expanded sequence
    number space.

  6. Clarification and standardization of rekeying procedures in IKE.

The working group will also update IKE to clarify the specification and
to reflect implementation experience, new requirements, and protocol
analysis of the existing protocol. The requirements for IKE V2 will be
revised and updated as the first step in this process.

Milestones

Date Milestone Associated documents
Jan 2004 Submit revised draft on IPsec Architecture for consideration as Draft Standard
Nov 2003 Revised draft on IPsec Architecture to working group last call

Done milestones

Date Milestone Associated documents
Done Submit IKEv2 for consideration as Draft Standard
Done Discuss and select the IKE v2 design from candidate approaches.
Done Submit revised Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE rekeying for consideration as Draft Standards.
Done Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE re-keying to working group last call.
Done Internet-Draft on IKE v2 Requirements to working group last call
Done Internet-Drafts describing candidate IKE v2 approaches submitted to the working group.
Done Internet-Drafts on sequence number expansion in IKE, and IKE re-keying completed.
Done Internet Drafts on NAT and Firewall traversal, IKE MIBs, and requirements for IPsec and IKE for use with SCTP, to working group last call.
Done Submit revised Internet-Drafts of NAT and Firewall traversal, IKE MIBs, and SCTP support for considerations as Draft Standards.
Done Submit Internet-Draft of Internet Key Management Protocol to the IESG for consideration as a Proposed Standard.
Done Submit Internet-Draft of the Internet Key Management Protocol (IKMP) based on ISAKMP/Oakley to the IESG for consideration as a Proposed Standard.
Done Submit revised Internet-Drafts of IP Security Architecture, ESP, and AH to the IESG for consideration as Draft Standards.
Done Submit revised Interent-Drafts for ESP, AH, and IP Security Architecture.
Done Conduct initial interoperability testing of Encapsulating Security payload (ESP) and Authentication Header (AH).
Done Submit the Internet Key Management Protocol to the IESG for consideration as a Proposed Standard.
Done Post as an Interenet-Draft the specification for Internet key management.
Done Post as an Internet-Draft the IP Security Protocol.