Simple Group Keying Protocol (SGKP)
draft-ietf-trill-group-keying-01

Document type: Active Internet-Draft (individual)
Last updated: 2018-03-19 (latest revision 2018-01-28)
Replaces: draft-eastlake-trill-group-keying
Stream: IETF
Intended RFC status: Proposed Standard
WG state: In WG Last Call
Document shepherd: Susan Hares
IESG state: I-D Exists
Consensus boilerplate: Yes
Responsible AD: (None)
Send notices to: Susan Hares <shares@ndzh.com>
INTERNET-DRAFT                                           Donald Eastlake
Intended status: Proposed Standard                         Dacheng Zhang
                                                                  Huawei
Expires: July 27, 2018                                  January 28, 2018

                  Simple Group Keying Protocol (SGKP)
                 <draft-ietf-trill-group-keying-01.txt>

Abstract

   This document specifies a simple general group keying protocol that
   provides for the distribution of shared secret keys to group members
   and the management of such keys. It assumes that secure pairwise keys
   can be created between any two group members.

Status of This Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Distribution of this document is unlimited. Comments should be sent
   to the authors or the TRILL working group mailing list:
   trill@ietf.org.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html. The list of Internet-Draft
   Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

D. Eastlake                                                     [Page 1]
INTERNET-DRAFT                                       Simple Group Keying

Table of Contents

      1. Introduction............................................3
      1.1  Terminology and Acronyms..............................3

      2. Simple Group Keying Protocol............................4
      2.1 Assumptions............................................4
      2.2 Group Keying Procedure Overview........................4
      2.3 Transmission and Receipt of Group Data Messages........5
      2.4 Changes in Group Membership or GKd.....................6

      3. Group Keying Messages...................................7
      3.1 Set Key Message........................................9
      3.2 Use, Delete, Disuse, or Deleted Key Messages..........11
      3.3 Response Message......................................12
      3.3.1 Response Codes......................................13
      3.4 No-Op Message.........................................15

      4. Security Considerations................................16
      5. IANA Considerations....................................17

      Normative References......................................19
      Informative References....................................19

      Acknowledgements..........................................20
      Authors' Addresses........................................21


1. Introduction

   This document specifies a simple general group keying protocol that
   provides for the distribution of shared secret keys to group members
   and the management of such keys. It assumes that secure pairwise keys
   can be created between any two group members.

   A companion document specifies two profiles for the use of this group
   keying protocol in a case using DTLS and a case using IPsec payload
   formats. It is anticipated that there will be other uses for this
   group keying protocol.

1.1  Terminology and Acronyms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174]
   when, and only when, they appear in all capitals, as shown here.

   This document uses the following terminology and acronyms:

      AES - Advanced Encryption Standard.

      DTLS - Datagram Transport Layer Security [RFC6347].

      GKd - The distinguished station in a group that determines which
         group keying (Section 2) is in use.

      GKs - Stations in a group other than GKd (Section 2).

      IS-IS - Intermediate System to Intermediate System [RFC7176].

      keying material - The set consisting of a Key ID, a secret key, and
         a cipher suite.

      QoS - Quality of Service.

      RBridge - An alternative term for a TRILL switch.

      TRILL - Transparent Interconnection of Lots of Links or Tunneled
         Routing in the Link Layer.

      TRILL switch - A device that implements the TRILL protocol
         [RFC6325] [RFC7780], sometimes referred to as an RBridge.
