Hi, this version contains some clarifications based on discussion among authors: - "Replay protection" transform is changed to "Anti-replay Protection" (to be aligned with RFC 4301) - indication of Data-security SA mode (tunnel or transport) is clarified (via USE_TRANSPORT_MODE notify) - restrictions to the direction of SAs being installed are clarified - the requirements for the size of the wrapping keys are clarified - some inconsistences of RFC 2119 language are fixed - few typos and text issues are fixed
Regards, Brian & Valery. > -----Original Message----- > From: internet-dra...@ietf.org <internet-dra...@ietf.org> > Sent: Monday, October 21, 2024 6:10 PM > To: i-d-annou...@ietf.org > Cc: ipsec@ietf.org > Subject: [IPsec] I-D Action: draft-ietf-ipsecme-g-ikev2-15.txt > > Internet-Draft draft-ietf-ipsecme-g-ikev2-15.txt is now available. It is a > work item of > the IP Security Maintenance and Extensions (IPSECME) WG of the IETF. > > Title: Group Key Management using IKEv2 > Authors: Valery Smyslov > Brian Weis > Name: draft-ietf-ipsecme-g-ikev2-15.txt > Pages: 74 > Dates: 2024-10-21 > > Abstract: > > This document presents an extension to the Internet Key Exchange > version 2 (IKEv2) protocol for the purpose of a group key management. > The protocol is in conformance with the Multicast Security (MSEC) key > management architecture, which contains two components: member > registration and group rekeying. Both components are required for a > GCKS (Group Controller/Key Server) to provide authorized Group > Members (GMs) with IPsec group security associations. The group > members then exchange IP multicast or other group traffic as IPsec > packets. > > This document obsoletes RFC 6407. This documents also updates RFC > 7296 by renaming a transform type 5 from "Extended Sequence Numbers > (ESN)" to the "Anti-Replay Protection (ARP)" and by renaming IKEv2 > authentication method 0 from "Reserved" to "NONE". > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-g-ikev2/ > > There is also an HTMLized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-g-ikev2-15 > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-ipsecme-g-ikev2-15 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > IPsec mailing list -- ipsec@ietf.org > To unsubscribe send an email to ipsec-le...@ietf.org _______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
