An Architecture for Secure Internet Multicast

Document Type Expired Internet-Draft (individual)
Authors Pau-Chen Cheng  , Debanjan Saha  , Ran Canetti  , Dimitrios Pendarakis  , J.R. Rao  , Pankaj Rohatgi 
Last updated 1999-02-25
Stream Internet Research Task Force (IRTF)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream IRTF state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document proposes an architecture for secure IP multicast. It identifies the basic components and their functionalities, and specifies how these components interact with each other and with the surrounding systems. The main design principles followed in developing this architecture are simplicity, flexibility, ease of incorporation within existing systems. In particular, the design attempts to mimic the IPSec architecture, and to re-use existing IPSec mechanisms wherever possible. The proposed architecture is able to accommodate many of the existing proposals for multicast key management. In this draft, we concentrate on the architectural building blocks required to enable a group member (either a receiver or a sender of data) to use secure IP multicast. Design of the group controller(s) is left to future documents.


Pau-Chen Cheng (
Debanjan Saha (
Ran Canetti (
Dimitrios Pendarakis (
J.R. Rao (
Pankaj Rohatgi (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)