A Framework for Group Key Management for Multicast Security

Document Type Expired Internet-Draft (ipsec WG)
Authors Thomas Hardjono  , Bradley Cain  , Naganand Doraswamy 
Last updated 2000-08-15
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document provides a framework for group key management for multicast security, motivated by three main considerations, namely the multicast application, scalability and trust-relationships among entities. It introduces two planes corresponding to the network entities and functions important to multicasting and to security. The key management plane consists of two hierarchy-levels in the form of a single 'trunk region' (inter-region) and one or more 'leaf regions' (intra-region). The advantages of the framework among others are that it is scalable, it has reduced complexity and allows the independence in regions of group key management.


Thomas Hardjono (thardjono@verisign.com)
Bradley Cain (bcain@mediaone.net)
Naganand Doraswamy (naganand@baynetworks.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)