Group Key Management using IKEv2

Document Type Replaced Internet-Draft (ipsecme WG)
Authors Brian Weis  , Valery Smyslov 
Last updated 2019-11-16 (latest revision 2019-07-08)
Replaced by draft-ietf-ipsecme-g-ikev2
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state Adopted by a WG (wg milestone: May 2020 - G-DOI for IKEv2 to I... )
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-ipsecme-g-ikev2
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document presents a set of IKEv2 exchanges that comprise a group key management protocol. The protocol is in conformance with the Multicast Security (MSEC) key management architecture, which contains two components: member registration and group rekeying. Both components require a Group Controller/Key Server to download IPsec group security associations to authorized members of a group. The group members then exchange IP multicast or other group traffic as IPsec packets. This document obsoletes RFC 6407.


Brian Weis (
Valery Smyslov (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)