A Group Keying Protocol
draft-eastlake-trill-group-keying-02

• Status
• IESG evaluation record
• IESG writeups
• Email expansions
• History

• Versions
• 00
• 01
• 02

Document	Type		Active Internet-Draft (candidate for trill WG)
	Last updated		2017-06-20
	Stream		IETF
	Intended RFC status		(None)
	Formats		plain text pdf html bibtex
Stream	WG state		Call For Adoption By WG Issued
	Document shepherd		No shepherd assigned
IESG	IESG state		I-D Exists
	Consensus Boilerplate		Unknown
	Telechat date
	Responsible AD		(None)
	Send notices to		(None)

INTERNET-DRAFT                                           Donald Eastlake
Intended status: Proposed Standard                                Huawei
Expires: December 19, 2017                                 June 20, 2017

                        A Group Keying Protocol
               <draft-eastlake-trill-group-keying-02.txt>

Abstract

   This document specifies a general group keying protocol. It also
   provides use profiles for the application of this group keying
   protocol to multi-destination TRILL Extended RBridge Channel message
   security and TRILL over IP packet security.

Status of This Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Distribution of this document is unlimited. Comments should be sent
   to the authors or the TRILL working group mailing list:
   trill@ietf.org.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html. The list of Internet-Draft
   Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

D. Eastlake                                                     [Page 1]
INTERNET-DRAFT                                       TRILL: Group Keying

Table of Contents

      1. Introduction............................................3
      1.1  Terminology and Acronyms..............................3

      2. Group Keying Protocol...................................5
      2.1 Assumptions............................................5
      2.2 Group Keying Procedure Overview........................5
      2.3 Transmission and Receipt of Group Data Messages........6
      2.4 Changes in Group Membership or GKd.....................6
      2.5 Group Keying Messages..................................7
      2.6 Set Key Message........................................9
      2.7 Use, Delete, Disuse, or Deleted Key Messages..........11
      2.8 Response Message......................................12
      2.8.1 Response Codes......................................14
      2.8 No-Op Message.........................................15
      2.9 General Security Considerations.......................16

      3. DTLS: Extended RBridge Channel Group Keyed Security....17
      3.1 Transmission of Group Keying Messages.................17
      3.2 Transmission of Protected Multi-destination Data......18

      4. TRILL Over IP Group Keyed Security.....................19
      4.1 Transmission of Group Keying Messages.................19
      4.2 Transmission of Protected Multi-destination Data......19

      5. IANA Considerations....................................20
      5.1 Group Keying Protocol.................................20
      5.2 Group Keying RBridge Channel Protocol Numbers.........21
      5.3 Group Secured Extended RBridge Channel SType..........21

      6. Security Considerations................................22

      Normative References......................................23
      Informative References....................................24

      Acknowledgements..........................................25
      Authors' Addresses........................................26

D. Eastlake                                                     [Page 2]
INTERNET-DRAFT                                       TRILL: Group Keying

1. Introduction

   This document specifies a general group keying protocol in Section 2.
   In addition, it provides, in Section 3, the use profile for the
   application of this group keying protocol to a case using DTLS (TRILL
   [RFC6325] [RFC7780] Extended RBridge Channel message security
   [RFC7178] [RFC7978]) and IPsec [TRILLoverIP}. It is anticipated that
   there will be other uses for this group keying protocol.

1.1  Terminology and Acronyms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174]
   when, and only when, they appear in all capitals, as shown here.

   This document uses terminology and acronyms defined in [RFC6325] and
   [RFC7178].  Some of these are repeated below for convenience along

Show full document text