A Group Keying Protocol
draft-ietf-trill-group-keying-00

Document Type Active Internet-Draft (trill WG)
Last updated 2017-09-28
Replaces draft-eastlake-trill-group-keying
Stream IETF
Intended RFC status Proposed Standard
WG state WG Document
Document shepherd Susan Hares
IESG state I-D Exists
Consensus Boilerplate Yes
Responsible AD (None)
Send notices to Susan Hares <shares@ndzh.com>
INTERNET-DRAFT                                           Donald Eastlake
Intended status: Proposed Standard                         Dacheng Zhang
                                                                  Huawei
Expires: March 27, 2018                               September 28, 2017

                        A Group Keying Protocol
                 <draft-ietf-trill-group-keying-00.txt>

Abstract

   This document specifies a general group keying protocol. It also
   provides use profiles for the application of this group keying
   protocol to multi-destination TRILL Extended RBridge Channel message
   security and TRILL over IP packet security.

Status of This Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Distribution of this document is unlimited. Comments should be sent
   to the authors or the TRILL working group mailing list:
   trill@ietf.org.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html. The list of Internet-Draft
   Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

D. Eastlake                                                     [Page 1]
INTERNET-DRAFT                                       TRILL: Group Keying

Table of Contents

      1. Introduction............................................3
      1.1  Terminology and Acronyms..............................3

      2. Group Keying Protocol...................................5
      2.1 Assumptions............................................5
      2.2 Group Keying Procedure Overview........................5
      2.3 Transmission and Receipt of Group Data Messages........6
      2.4 Changes in Group Membership or GKd.....................6
      2.5 Group Keying Messages..................................7
      2.6 Set Key Message........................................9
      2.7 Use, Delete, Disuse, or Deleted Key Messages..........11
      2.8 Response Message......................................12
      2.8.1 Response Codes......................................14
      2.8 No-Op Message.........................................15
      2.9 General Security Considerations.......................16

      3. DTLS: Extended RBridge Channel Group Keyed Security....17
      3.1 Transmission of Group Keying Messages.................17
      3.2 Transmission of Protected Multi-destination Data......18

      4. TRILL Over IP Group Keyed Security.....................19
      4.1 Transmission of Group Keying Messages.................19
      4.2 Transmission of Protected Multi-destination Data......19

      5. IANA Considerations....................................20
      5.1 Group Keying Protocol.................................20
      5.2 Group Keying RBridge Channel Protocol Numbers.........21
      5.3 Group Secured Extended RBridge Channel SType..........21

      6. Security Considerations................................22

      Normative References......................................23
      Informative References....................................24

      Acknowledgements..........................................25
      Authors' Addresses........................................26


1. Introduction

   This document specifies a general group keying protocol in Section 2.
   In addition, it provides use profiles for the application of this
   group keying protocol to TRILL [RFC6325] [RFC7780] Extended RBridge
   Channel message security [RFC7178] [RFC7978] using DTLS (Section 3)
   and to TRILL over IP packet security [TRILLoverIP] using IPsec
   (Section 4). It is anticipated that there will be other uses for this
   group keying protocol.

1.1  Terminology and Acronyms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174]
   when, and only when, they appear in all capitals, as shown here.

   This document uses terminology and acronyms defined in [RFC6325] and