Skip to main content

IP Multicast issues with IPsec

Document Type Expired Internet-Draft (msec WG)
Expired & archived
Authors Mark Baugher , Ran Canetti , Thomas Hardjono , Brian Weis
Last updated 2002-12-23
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The IPsec Architecture [RFC2401] and IPsec transform RFCs [RFC2402, RFC2406] define certain mechanisms for IP multicast traffic. The recent revisions to each of the protocol documents [ESPbis, AHbis] propose changes to those semantics. However, neither the existing nor proposed semantics are sufficiently general such that IPsec can be used to protect the wide variety of IPv4 and IPv6 multicast applications that are expected by the IP multicast community. In particular, they are not compatible with the needs of the protocols developed in the MSEC WG and for Source Specific Multicast [RFC3376, SSM-ARCH]. This document reviews these semantics and proposes some minor changes, which would enable IPsec to be suitable for these uses.


Mark Baugher
Ran Canetti
Thomas Hardjono
Brian Weis

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)