IP Security Protocol (ipsec)
----------------------------

 Charter
 Last Modified: 2004-06-07

 Current Status: Active Working Group

 Chair(s):
     Barbara Fraser  <byfraser@cisco.com>
     Theodore Ts'o  <tytso@mit.edu>

 Security Area Director(s):
     Russ Housley  <housley@vigilsec.com>
     Sam Hartman  <hartmans-ietf@mit.edu>

 Security Area Advisor:
     Russ Housley  <housley@vigilsec.com>

 Technical Advisor(s):
     Angelos Keromytis  <angelos@cs.columbia.edu>
     Tero Kivinen  <kivinen@safenet-inc.com>

 Mailing Lists: 
     General Discussion:ipsec@ietf.org
     To Subscribe:      ipsec-request@ietf.org
     Archive:           http://www.ietf.org/mail-archive/web/ipsec/index.html

Description of Working Group:



 Goals and Milestones:

   Done         Post as an Internet-Draft the IP Security Protocol. 

   Done         Post as an Interenet-Draft the specification for Internet key 
                management. 

   Done         Submit the Internet Key Management Protocol to the IESG for 
                consideration as a Proposed Standard. 

   Done         Conduct initial interoperability testing of Encapsulating 
                Security payload (ESP) and Authentication Header (AH). 

   Done         Submit revised Interent-Drafts for ESP, AH, and IP Security 
                Architecture. 

   Done         Submit revised Internet-Drafts of IP Security Architecture, 
                ESP, and AH to the IESG for consideration as Draft Standards. 

   Done         Submit Internet-Draft of the Internet Key Management Protocol 
                (IKMP) based on ISAKMP/Oakley to the IESG for consideration as 
                a Proposed Standard. 

   Done         Submit Internet-Draft of Internet Key Management Protocol to 
                the IESG for consideration as a Proposed Standard. 

   Done         Internet Drafts on NAT and Firewall traversal, IKE MIBs, and 
                requirements for IPsec and IKE for use with SCTP, to working 
                group last call. 

   Done         Submit revised Internet-Drafts of NAT and Firewall traversal, 
                IKE MIBs, and SCTP support for considerations as Draft 
                Standards. 

   Done         Internet-Drafts on sequence number expansion in IKE, and IKE 
                re-keying completed. 

   Done         Internet-Drafts on AES/SHA-2, sequence number expansion, and 
                IKE re-keying to working group last call. 

   Done         Internet-Draft on IKE v2 Requirements to working group last 
                call 

   Done         Internet-Drafts describing candidate IKE v2 approaches 
                submitted to the working group. 

   Done         Submit revised Internet-Drafts on AES/SHA-2, sequence number 
                expansion, and IKE rekeying for consideration as Draft 
                Standards. 

   Done         Discuss and select the IKE v2 design from candidate approaches. 

   Done         Submit IKEv2 for consideration as Draft Standard 

   Nov 03       Revised draft on IPsec Architecture to working group last call 

   Jan 04       Submit revised draft on IPsec Architecture for consideration as 
                Draft Standard 


 Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
Oct 97 Mar 05   <draft-ietf-ipsec-esp-v3-10.txt>
                IP Encapsulating Security Payload (ESP) 

May 99 Apr 05   <draft-ietf-ipsec-ike-ecc-groups-05.txt>
                Additional ECC Groups For IKE 

Mar 00 Apr 05   <draft-ietf-ipsec-ike-auth-ecdsa-03.txt>
                IKE Authentication Using ECDSA 

Nov 01 Oct 04   <draft-ietf-ipsec-ikev2-17.txt>
                Internet Key Exchange (IKEv2) Protocol 

Mar 02 Mar 05   <draft-ietf-ipsec-rfc2402bis-11.txt>
                IP Authentication Header 

Jul 02 Feb 04   <draft-ietf-ipsec-esn-addendum-03.txt>
                Extended Sequence Number Addendum to IPsec DOI for ISAKMP 

Jan 03 Nov 03   <draft-ietf-ipsec-ciph-aes-ccm-05.txt>
                Using AES CCM Mode With IPsec ESP 

May 03 Apr 04   <draft-ietf-ipsec-ikev2-algorithms-05.txt>
                Cryptographic Algorithms for use in the Internet Key Exchange 
                Version 2 

May 03 Apr 04   <draft-ietf-ipsec-ui-suites-06.txt>
                Cryptographic Suites for IPsec 

Oct 03 Apr 05   <draft-ietf-ipsec-rfc2401bis-06.txt>
                Security Architecture for the Internet Protocol 

Dec 03 Aug 04   <draft-ietf-ipsec-esp-ah-algorithms-02.txt>
                Cryptographic Algorithm Implementation Requirements For ESP And 
                AH 

Apr 04 Apr 04   <draft-ietf-ipsec-ciph-aes-gcm-00.txt>
                The Use of Galois/Counter Mode (GCM) in IPsec ESP 

Apr 05 Apr 05   <draft-ietf-ipsec-ikev2-auth-ecdsa-00.txt>
                IKEv2 Authentication Using ECDSA 

Apr 05 Apr 05   <draft-ietf-ipsec-ike-ecp-groups-00.txt>
                ECP Groups For IKE 

Apr 05 Apr 05   <draft-ietf-ipsec-ikev2-ecc-groups-00.txt>
                ECC Groups For IKEv2 

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC1829 PS   Aug 95    The ESP DES-CBC Transform 

RFC1827 PS   Aug 95    IP Encapsulating Security Payload (ESP) 

RFC1828 PS   Aug 95    IP Authentication using Keyed MD5 

RFC1826 PS   Aug 95    IP Authentication Header 

RFC1825 PS   Aug 95    Security Architecture for the Internet Protocol 

RFC2104 I    Feb 97    HMAC: Keyed-Hashing for Message Authentication 

RFC2085 PS   Feb 97    HMAC-MD5 IP Authentication with Replay Prevention 

RFC2401 PS   Nov 98    Security Architecture for the Internet Protocol 

RFC2410 PS   Nov 98    The NULL Encryption Algorithm and Its Use With IPsec 

RFC2411 I    Nov 98    IP Security Document Roadmap 

RFC2402 PS   Nov 98    IP Authentication Header 

RFC2412 I    Nov 98    The OAKLEY Key Determination Protocol 

RFC2451 PS   Nov 98    The ESP CBC-Mode Cipher Algorithms 

RFC2403 PS   Nov 98    The Use of HMAC-MD5-96 within ESP and AH 

RFC2404 PS   Nov 98    The Use of HMAC-SHA-1-96 within ESP and AH 

RFC2405 PS   Nov 98    The ESP DES-CBC Cipher Algorithm With Explicit IV 

RFC2406 PS   Nov 98    IP Encapsulating Security Payload (ESP) 

RFC2407 PS   Nov 98    The Internet IP Security Domain of Interpretation for 
                       ISAKMP 

RFC2408 PS   Nov 98    Internet Security Association and Key Management 
                       Protocol (ISAKMP) 

RFC2409 PS   Nov 98    The Internet Key Exchange (IKE) 

RFC2857 PS   Jun 00    The Use of HMAC-RIPEMD-160-96 within ESP and AH 

RFC3526 PS   May 03    More Modular Exponential (MODP) Diffie-Hellman groups 
                       for Internet Key Exchange (IKE) 

RFC3554 PS   Jul 03    On the Use of Stream Control Transmission Protocol 
                       (SCTP) with IPsec 

RFC3566 PS   Sep 03    The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec 

RFC3602 PS   Sep 03    The AES-CBC Cipher Algorithm and Its Use with IPsec 

RFC3664Standard  Jan 04    The AES-XCBC-PRF-128 algorithm for IKE 

RFC3686Standard  Jan 04    Using AES Counter Mode With IPsec ESP 

RFC3706 I    Feb 04    A Traffic-Based Method of Detecting Dead IKE Peers 

RFC3715 I    Mar 04    IPsec-NAT Compatibility Requirements 

RFC3947Standard  Jan 05    Negotiation of NAT-Traversal in the IKE 

RFC3948Standard  Jan 05    UDP Encapsulation of IPsec Packets