IP Security Protocol (ipsec)
----------------------------

 Charter

 Current status: active working group

 Chair(s):
     Ran Atkinson
     Paul Lambert

 Security Area Director(s):
     Jeffrey Schiller

 Mailing lists:
     General Discussion: ipsec@tis.com
     To Subscribe:       ipsec-request@tis.com
     Archive:            ftp://ftp.tis.com/pub/archive/ipsec

Description of Working Group:

Rapid advances in communication technology have accentuated the need for
security in the Internet. The IP Security Protocol Working Group (IPSEC)
will develop mechanisms to protect client protocols of IP. A security
protocol in the network layer will be developed to provide cryptographic
security services that will flexibly support combinations of
authentication, integrity, access control, and confidentiality.

The protocol formats for the IP Authentication Header (AH) and IP
Encapsulating Security Payload (ESP) will be independent of the
cryptographic algorithm. The preliminary goals will specifically pursue
host-to-host security followed by subnet-to-subnet and host-to-subnet
topologies.

Protocol and cryptographic techniques will also be developed to support
the key management requirements of the network layer security. The
Internet Key Management Protocol (IKMP) will be specified as an
application layer protocol that is independent of the lower layer
security protocol. The protocol will initially support public key-based
techniques. Flexibility in the protocol will allow eventual support of
Key Distribution Centers (KDC), such as are used by Kerberos.

Goals and Milestones:

  Done    Submit Internet-Draft of Internet Key Management Protocol to
          the IESG for consideration as a Proposed Standard.

  Done    Post as an Internet-Draft the IP Security Protocol.

  Done    Post as an Internet-Draft the specification for Internet key
          management.

  Done    Submit the Internet Key Management Protocol to the IESG for
          consideration as a Proposed Standard.

  Done    Conduct initial interoperability testing of Encapsulating
          Security Payload (ESP) and Authentication Header (AH).

  Mar 96  Submit Internet-Draft of the Internet Key Management Protocol
          (IKMP).

  Jul 96  Submit revised Internet-Drafts for ESP, AH, and IP Security
          Architecture.

  Done    Submit revised Internet-Drafts of IP Security Architecture,
          ESP, and AH to the IESG for consideration as Draft Standards.

  Done    Conduct interoperability testing of IKMP (including testing
          of IKMP with ESP/AH).

  Mar 97  Submit IKMP to IESG for consideration as a Draft Standard.

Internet-Drafts:

  Posted  Revised  I-D Title
  ------  -------  ------------------------------------------
  Mar 95  Feb 96   Internet Security Association and Key Management
                   Protocol (ISAKMP)
  Sep 95  Nov 95   Photuris Extensions
  Sep 95  Dec 95   Simple Key-Management For Internet Protocols (SKIP)
  Dec 95  New      X.509 Encoding of Diffie-Hellman Public Values
  Dec 95  New      Encoding of an Unsigned Diffie-Hellman Public Value
  Dec 95  New      Certificate Discovery Protocol
  Dec 95  New      SKIP Algorithm Discovery Protocol
  Dec 95  New      SKIP Extensions for IP Multicast
  Feb 96  New      The Oakley Key Determination Protocol
  Feb 96  New      SKIP extension for Perfect Forward Secrecy (PFS)
  Feb 96  Apr 96   Combined DES-CBC, HMAC and Replay Prevention
                   Security Transform
  Feb 96  New      DSS Profile for X.509 Certificates
  Mar 96  New      HMAC-MD5: Keyed-MD5 for Message Authentication
  Apr 96  New      HMAC-MD5 IP Authentication with Replay Prevention
  Apr 96  New      HMAC-SHA IP Authentication with Replay Prevention

Request For Comments:

  RFC      Stat  Published  Title
  -------  --    ---------- -----------------------------------------
  RFC1825  PS    Aug 95     Security Architecture for the Internet
                            Protocol
  RFC1826  PS    Aug 95     IP Authentication Header
  RFC1827  PS    Aug 95     IP Encapsulating Security Payload (ESP)
  RFC1829  PS    Aug 95     The ESP DES-CBC Transform
  RFC1828  PS    Aug 95     IP Authentication using Keyed MD5