IP Security Protocol (ipsec)
----------------------------
Charter
Last Modified: 2004-06-07
Current Status: Active Working Group
Chair(s):
Barbara Fraser <byfraser@cisco.com>
Theodore Ts'o <tytso@mit.edu>
Security Area Director(s):
Russ Housley <housley@vigilsec.com>
Sam Hartman <hartmans-ietf@mit.edu>
Security Area Advisor:
Russ Housley <housley@vigilsec.com>
Technical Advisor(s):
Angelos Keromytis <angelos@cs.columbia.edu>
Tero Kivinen <kivinen@safenet-inc.com>
Mailing Lists:
General Discussion:ipsec@ietf.org
To Subscribe: ipsec-request@ietf.org
Archive: http://www.ietf.org/mail-archive/web/ipsec/index.html
Description of Working Group:
Goals and Milestones:
Done Post as an Internet-Draft the IP Security Protocol.
Done Post as an Interenet-Draft the specification for Internet key
management.
Done Submit the Internet Key Management Protocol to the IESG for
consideration as a Proposed Standard.
Done Conduct initial interoperability testing of Encapsulating
Security payload (ESP) and Authentication Header (AH).
Done Submit revised Interent-Drafts for ESP, AH, and IP Security
Architecture.
Done Submit revised Internet-Drafts of IP Security Architecture,
ESP, and AH to the IESG for consideration as Draft Standards.
Done Submit Internet-Draft of the Internet Key Management Protocol
(IKMP) based on ISAKMP/Oakley to the IESG for consideration as
a Proposed Standard.
Done Submit Internet-Draft of Internet Key Management Protocol to
the IESG for consideration as a Proposed Standard.
Done Internet Drafts on NAT and Firewall traversal, IKE MIBs, and
requirements for IPsec and IKE for use with SCTP, to working
group last call.
Done Submit revised Internet-Drafts of NAT and Firewall traversal,
IKE MIBs, and SCTP support for considerations as Draft
Standards.
Done Internet-Drafts on sequence number expansion in IKE, and IKE
re-keying completed.
Done Internet-Drafts on AES/SHA-2, sequence number expansion, and
IKE re-keying to working group last call.
Done Internet-Draft on IKE v2 Requirements to working group last
call
Done Internet-Drafts describing candidate IKE v2 approaches
submitted to the working group.
Done Submit revised Internet-Drafts on AES/SHA-2, sequence number
expansion, and IKE rekeying for consideration as Draft
Standards.
Done Discuss and select the IKE v2 design from candidate approaches.
Done Submit IKEv2 for consideration as Draft Standard
Nov 03 Revised draft on IPsec Architecture to working group last call
Jan 04 Submit revised draft on IPsec Architecture for consideration as
Draft Standard
Internet-Drafts:
Posted Revised I-D Title <Filename>
------ ------- --------------------------------------------
Oct 97 Mar 05 <draft-ietf-ipsec-esp-v3-10.txt>
IP Encapsulating Security Payload (ESP)
May 99 Apr 05 <draft-ietf-ipsec-ike-ecc-groups-05.txt>
Additional ECC Groups For IKE
Mar 00 Apr 05 <draft-ietf-ipsec-ike-auth-ecdsa-03.txt>
IKE Authentication Using ECDSA
Nov 01 Oct 04 <draft-ietf-ipsec-ikev2-17.txt>
Internet Key Exchange (IKEv2) Protocol
Mar 02 Mar 05 <draft-ietf-ipsec-rfc2402bis-11.txt>
IP Authentication Header
Jul 02 Feb 04 <draft-ietf-ipsec-esn-addendum-03.txt>
Extended Sequence Number Addendum to IPsec DOI for ISAKMP
Jan 03 Nov 03 <draft-ietf-ipsec-ciph-aes-ccm-05.txt>
Using AES CCM Mode With IPsec ESP
May 03 Apr 04 <draft-ietf-ipsec-ikev2-algorithms-05.txt>
Cryptographic Algorithms for use in the Internet Key Exchange
Version 2
May 03 Apr 04 <draft-ietf-ipsec-ui-suites-06.txt>
Cryptographic Suites for IPsec
Oct 03 Apr 05 <draft-ietf-ipsec-rfc2401bis-06.txt>
Security Architecture for the Internet Protocol
Dec 03 Aug 04 <draft-ietf-ipsec-esp-ah-algorithms-02.txt>
Cryptographic Algorithm Implementation Requirements For ESP And
AH
Apr 04 Apr 04 <draft-ietf-ipsec-ciph-aes-gcm-00.txt>
The Use of Galois/Counter Mode (GCM) in IPsec ESP
Apr 05 Apr 05 <draft-ietf-ipsec-ikev2-auth-ecdsa-00.txt>
IKEv2 Authentication Using ECDSA
Apr 05 Apr 05 <draft-ietf-ipsec-ike-ecp-groups-00.txt>
ECP Groups For IKE
Apr 05 Apr 05 <draft-ietf-ipsec-ikev2-ecc-groups-00.txt>
ECC Groups For IKEv2
Request For Comments:
RFC Stat Published Title
------- -- ----------- ------------------------------------
RFC1829 PS Aug 95 The ESP DES-CBC Transform
RFC1827 PS Aug 95 IP Encapsulating Security Payload (ESP)
RFC1828 PS Aug 95 IP Authentication using Keyed MD5
RFC1826 PS Aug 95 IP Authentication Header
RFC1825 PS Aug 95 Security Architecture for the Internet Protocol
RFC2104 I Feb 97 HMAC: Keyed-Hashing for Message Authentication
RFC2085 PS Feb 97 HMAC-MD5 IP Authentication with Replay Prevention
RFC2401 PS Nov 98 Security Architecture for the Internet Protocol
RFC2410 PS Nov 98 The NULL Encryption Algorithm and Its Use With IPsec
RFC2411 I Nov 98 IP Security Document Roadmap
RFC2402 PS Nov 98 IP Authentication Header
RFC2412 I Nov 98 The OAKLEY Key Determination Protocol
RFC2451 PS Nov 98 The ESP CBC-Mode Cipher Algorithms
RFC2403 PS Nov 98 The Use of HMAC-MD5-96 within ESP and AH
RFC2404 PS Nov 98 The Use of HMAC-SHA-1-96 within ESP and AH
RFC2405 PS Nov 98 The ESP DES-CBC Cipher Algorithm With Explicit IV
RFC2406 PS Nov 98 IP Encapsulating Security Payload (ESP)
RFC2407 PS Nov 98 The Internet IP Security Domain of Interpretation for
ISAKMP
RFC2408 PS Nov 98 Internet Security Association and Key Management
Protocol (ISAKMP)
RFC2409 PS Nov 98 The Internet Key Exchange (IKE)
RFC2857 PS Jun 00 The Use of HMAC-RIPEMD-160-96 within ESP and AH
RFC3526 PS May 03 More Modular Exponential (MODP) Diffie-Hellman groups
for Internet Key Exchange (IKE)
RFC3554 PS Jul 03 On the Use of Stream Control Transmission Protocol
(SCTP) with IPsec
RFC3566 PS Sep 03 The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
RFC3602 PS Sep 03 The AES-CBC Cipher Algorithm and Its Use with IPsec
RFC3664Standard Jan 04 The AES-XCBC-PRF-128 algorithm for IKE
RFC3686Standard Jan 04 Using AES Counter Mode With IPsec ESP
RFC3706 I Feb 04 A Traffic-Based Method of Detecting Dead IKE Peers
RFC3715 I Mar 04 IPsec-NAT Compatibility Requirements
RFC3947Standard Jan 05 Negotiation of NAT-Traversal in the IKE
RFC3948Standard Jan 05 UDP Encapsulation of IPsec Packets