
Internal WG Review: Recharter of Multicast Security (msec)



A new charter for the Multicast Security (msec) Working Group 
in the Security Area is being considered. 
The revised draft charter is provided below for your review and comments.


The IETF Secretariat.

Multicast Security (msec)
-------------------------

Last Modified: 2003-07-24 

Current Status: Active Working Group

Chair(s):

Ran Canetti <canetti@watson.ibm.com>
Thomas Hardjono <thardjono@verisign.com>

Security Area Director(s):

Russell Housley <housley@vigilsec.com>
Steven Bellovin <smb@research.att.com>

Security Area Advisor:

Russell Housley <housley@vigilsec.com>

Mailing Lists:

General Discussion: msec@securemulticast.org
To Subscribe: msec-request@securemulticast.org
In Body: subscribe
Archive: http://www.pairlist.net/mailman/listinfo/msec

Description of Working Group:

 The purpose of the MSEC WG is to standardize protocols for securing group 
 communication over internets, and in particular over the global Internet. 
 Initial efforts will focus on scalable solutions for groups with a single 
 source and a very large number of recipients. Additional emphasis will be 
 put on groups where the data is transmitted via IP-layer multicast routing 
 protocols (with or without guaranteed reliability). The developed standard 
 will assume that each group has a single trusted entity (the Group 
 Controller) that sets the security policy and controls the group 
 membership. The standard will strive to provide at least the following 
 basic security guarantees:

 + Only legitimate group members will have access to current group 
 communication. This includes groups with highly dynamic membership.

 + Legitimate group members will be able to authenticate the source and 
 contents of the group communication. This includes cases where group 
 members do not trust each other.

 An additional goal of the standard will be to protect against 
 denial-of-service attacks, whenever possible.

 Due to the large number of one-to-many multicast applications and the 
 sometimes conflicting requirements these applications exhibit, it is 
 believed that a single protocol will be unable to meet the requirements of 
 all applications. Therefore, the WG will first specify a general Reference 
 Framework that includes a number of functional building blocks. Each such 
 building block will be instantiated by one or more protocols that will be 
 interchangeable. The Reference Framework will not only describe one-to-many 
 multicast, but also many-to-many multicast.

 In addition, as a secondary goal the MSEC WG will also focus on distributed 
 architectures for group key management and group policy management, where 
 for scalability purposes multiple trusted entities (such as Key 
 Distributors) are deployed in a distributed fashion. For this purpose, the 
 Reference Framework will not only describe one-to-many multicast, but also 
 many-to-many multicast.

 MSEC will generate at least the following documents, which could be 
 considered as base documents:

 1. An RFC describing the security requirements of multicast security and an 
 RFC describing the MSEC Architecture.

 2. An RFC describing the Group Key Management Architecture and an RFC 
 describing Group Policy Management Architecture in MSEC.

 3. Several RFCs describing specifications for protocols that implement 
 source authentication, group key management and group policy management.

 As multicast security covers a broad range of issues, and therefore touches 
 other Working Groups in the IETF, the MSEC WG will work closely with other 
 security-related Working Groups (e.g. IPsec, IPSP), as well as other 
 Working Groups which may be considered a "consumer" of the technologies 
 produced in the MSEC WG (e.g. AVT, MMUSIC) or which may have a multicast 
 focus (e.g. PIM, RMT, IDRM, MAGMA).

 With this in mind, the MSEC WG is open to receiving new work items, 
 whenever it is considered appropriate to be homed in the MSEC WG. Such 
 drafts will be matured in conjunction with the MSEC base documents.


 GOALS AND MILESTONES

 DONE Working Group Last Call on GDOI Protocol.

 DONE Working Group Last Call on MIKEY Protocol.

 Sep 03 WG Last Call on Group Key Management Architecture draft.

 Sep 03 WG Last Call on MSEC Architecture draft.

 Sep 03 WG Last Call on DHHMAC for MIKEY.

 Sep 03 WG Last Call on Data Security Architecture draft.

 Dec 03 WG Last Call on Security Requirements draft.

 Mar 04 WG Last Call on Group Security Policy Architecture draft.

 Mar 04 WG Last Call on MESP (Multicast ESP) draft.

 Mar 04 WG Last Call on MESP-TESLA draft.

 Mar 04 WG Last Call on GSAKMP-Light protocol.

 Jul 04 WG re-charter for other work items (or disband).