IP Security Protocol (ipsec) ---------------------------- Charter Last Modified: 2004-06-07 Current Status: Active Working Group Chair(s): Barbara Fraser Theodore Ts'o Security Area Director(s): Russ Housley Sam Hartman Security Area Advisor: Russ Housley Technical Advisor(s): Angelos Keromytis Tero Kivinen Mailing Lists: General Discussion:ipsec@ietf.org To Subscribe: ipsec-request@ietf.org Archive: http://www.ietf.org/mail-archive/web/ipsec/index.html Description of Working Group: Goals and Milestones: Done Post as an Internet-Draft the IP Security Protocol. Done Post as an Interenet-Draft the specification for Internet key management. Done Submit the Internet Key Management Protocol to the IESG for consideration as a Proposed Standard. Done Conduct initial interoperability testing of Encapsulating Security payload (ESP) and Authentication Header (AH). Done Submit revised Interent-Drafts for ESP, AH, and IP Security Architecture. Done Submit revised Internet-Drafts of IP Security Architecture, ESP, and AH to the IESG for consideration as Draft Standards. Done Submit Internet-Draft of the Internet Key Management Protocol (IKMP) based on ISAKMP/Oakley to the IESG for consideration as a Proposed Standard. Done Submit Internet-Draft of Internet Key Management Protocol to the IESG for consideration as a Proposed Standard. Done Internet Drafts on NAT and Firewall traversal, IKE MIBs, and requirements for IPsec and IKE for use with SCTP, to working group last call. Done Submit revised Internet-Drafts of NAT and Firewall traversal, IKE MIBs, and SCTP support for considerations as Draft Standards. Done Internet-Drafts on sequence number expansion in IKE, and IKE re-keying completed. Done Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE re-keying to working group last call. Done Internet-Draft on IKE v2 Requirements to working group last call Done Internet-Drafts describing candidate IKE v2 approaches submitted to the working group. Done Submit revised Internet-Drafts on AES/SHA-2, sequence number expansion, and IKE rekeying for consideration as Draft Standards. Done Discuss and select the IKE v2 design from candidate approaches. Done Submit IKEv2 for consideration as Draft Standard Nov 03 Revised draft on IPsec Architecture to working group last call Jan 04 Submit revised draft on IPsec Architecture for consideration as Draft Standard Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Oct 97 Mar 05 IP Encapsulating Security Payload (ESP) May 99 Apr 05 Additional ECC Groups For IKE Mar 00 Apr 05 IKE Authentication Using ECDSA Nov 01 Oct 04 Internet Key Exchange (IKEv2) Protocol Mar 02 Mar 05 IP Authentication Header Jul 02 Feb 04 Extended Sequence Number Addendum to IPsec DOI for ISAKMP Jan 03 Nov 03 Using AES CCM Mode With IPsec ESP May 03 Apr 04 Cryptographic Algorithms for use in the Internet Key Exchange Version 2 May 03 Apr 04 Cryptographic Suites for IPsec Oct 03 Apr 05 Security Architecture for the Internet Protocol Dec 03 Aug 04 Cryptographic Algorithm Implementation Requirements For ESP And AH Apr 04 Apr 04 The Use of Galois/Counter Mode (GCM) in IPsec ESP Apr 05 Apr 05 IKEv2 Authentication Using ECDSA Apr 05 Apr 05 ECP Groups For IKE Apr 05 Apr 05 ECC Groups For IKEv2 Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC1829 PS Aug 95 The ESP DES-CBC Transform RFC1827 PS Aug 95 IP Encapsulating Security Payload (ESP) RFC1828 PS Aug 95 IP Authentication using Keyed MD5 RFC1826 PS Aug 95 IP Authentication Header RFC1825 PS Aug 95 Security Architecture for the Internet Protocol RFC2104 I Feb 97 HMAC: Keyed-Hashing for Message Authentication RFC2085 PS Feb 97 HMAC-MD5 IP Authentication with Replay Prevention RFC2401 PS Nov 98 Security Architecture for the Internet Protocol RFC2410 PS Nov 98 The NULL Encryption Algorithm and Its Use With IPsec RFC2411 I Nov 98 IP Security Document Roadmap RFC2402 PS Nov 98 IP Authentication Header RFC2412 I Nov 98 The OAKLEY Key Determination Protocol RFC2451 PS Nov 98 The ESP CBC-Mode Cipher Algorithms RFC2403 PS Nov 98 The Use of HMAC-MD5-96 within ESP and AH RFC2404 PS Nov 98 The Use of HMAC-SHA-1-96 within ESP and AH RFC2405 PS Nov 98 The ESP DES-CBC Cipher Algorithm With Explicit IV RFC2406 PS Nov 98 IP Encapsulating Security Payload (ESP) RFC2407 PS Nov 98 The Internet IP Security Domain of Interpretation for ISAKMP RFC2408 PS Nov 98 Internet Security Association and Key Management Protocol (ISAKMP) RFC2409 PS Nov 98 The Internet Key Exchange (IKE) RFC2857 PS Jun 00 The Use of HMAC-RIPEMD-160-96 within ESP and AH RFC3526 PS May 03 More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE) RFC3554 PS Jul 03 On the Use of Stream Control Transmission Protocol (SCTP) with IPsec RFC3566 PS Sep 03 The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec RFC3602 PS Sep 03 The AES-CBC Cipher Algorithm and Its Use with IPsec RFC3664Standard Jan 04 The AES-XCBC-PRF-128 algorithm for IKE RFC3686Standard Jan 04 Using AES Counter Mode With IPsec ESP RFC3706 I Feb 04 A Traffic-Based Method of Detecting Dead IKE Peers RFC3715 I Mar 04 IPsec-NAT Compatibility Requirements RFC3947Standard Jan 05 Negotiation of NAT-Traversal in the IKE RFC3948Standard Jan 05 UDP Encapsulation of IPsec Packets