Skip to main content

Group Key Management using IKEv2

Document Type Replaced Internet-Draft (ipsecme WG)
Expired & archived
Authors Brian Weis , Valery Smyslov
Last updated 2019-11-16 (Latest revision 2019-07-08)
Replaced by draft-ietf-ipsecme-g-ikev2
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Adopted by a WG
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-ipsecme-g-ikev2
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document presents a set of IKEv2 exchanges that comprise a group key management protocol. The protocol is in conformance with the Multicast Security (MSEC) key management architecture, which contains two components: member registration and group rekeying. Both components require a Group Controller/Key Server to download IPsec group security associations to authorized members of a group. The group members then exchange IP multicast or other group traffic as IPsec packets. This document obsoletes RFC 6407.


Brian Weis
Valery Smyslov

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)