| rfc9838v3.txt | rfc9838.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) V. Smyslov | Internet Engineering Task Force (IETF) V. Smyslov | |||
| Request for Comments: 9838 ELVIS-PLUS | Request for Comments: 9838 ELVIS-PLUS | |||
| Obsoletes: 6407 B. Weis | Obsoletes: 6407 B. Weis | |||
| Category: Standards Track Independent | Category: Standards Track Independent | |||
| ISSN: 2070-1721 October 2025 | ISSN: 2070-1721 November 2025 | |||
| Group Key Management Using the Internet Key Exchange Protocol Version 2 | Group Key Management Using the Internet Key Exchange Protocol Version 2 | |||
| (IKEv2) | (IKEv2) | |||
| Abstract | Abstract | |||
| This document presents an extension to the Internet Key Exchange | This document presents an extension to the Internet Key Exchange | |||
| Protocol Version 2 (IKEv2) for the purpose of group key management. | Protocol Version 2 (IKEv2) for the purpose of group key management. | |||
| The protocol is in conformance with the Multicast Security (MSEC) | The protocol is in conformance with the Multicast Security (MSEC) | |||
| Group Key Management architecture, which contains two components: | Group Key Management architecture, which contains two components: | |||
| skipping to change at line 3171 ¶ | skipping to change at line 3171 ¶ | |||
| RFC 8126, DOI 10.17487/RFC8126, June 2017, | RFC 8126, DOI 10.17487/RFC8126, June 2017, | |||
| <https://www.rfc-editor.org/info/rfc8126>. | <https://www.rfc-editor.org/info/rfc8126>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC9827] Smyslov, V., "Renaming the Extended Sequence Numbers (ESN) | [RFC9827] Smyslov, V., "Renaming the Extended Sequence Numbers (ESN) | |||
| Transform Type in the Internet Key Exchange Protocol | Transform Type in the Internet Key Exchange Protocol | |||
| Version 2 (IKEv2)", RFC 9827, DOI 10.17487/RFC9827, | Version 2 (IKEv2)", RFC 9827, DOI 10.17487/RFC9827, | |||
| September 2025, <https://www.rfc-editor.org/info/rfc9827>. | November 2025, <https://www.rfc-editor.org/info/rfc9827>. | |||
| 10.2. Informative References | 10.2. Informative References | |||
| [ARX-KW] Shinichi, S., "ARX-KW, a family of key wrapping | [ARX-KW] Shinichi, S., "ARX-KW, a family of key wrapping | |||
| constructions using SipHash and ChaCha", Cryptology ePrint | constructions using SipHash and ChaCha", Cryptology ePrint | |||
| Archive, Paper 2020/059, January 2020, | Archive, Paper 2020/059, January 2020, | |||
| <https://eprint.iacr.org/2020/059.pdf>. | <https://eprint.iacr.org/2020/059.pdf>. | |||
| [G-IKEV2] Rowles, S., Yeung, A., Tran, P., and Y. Nir, "Group Key | [G-IKEV2] Rowles, S., Yeung, A., Tran, P., and Y. Nir, "Group Key | |||
| Management using IKEv2", Work in Progress, Internet-Draft, | Management using IKEv2", Work in Progress, Internet-Draft, | |||
| skipping to change at line 3339 ¶ | skipping to change at line 3339 ¶ | |||
| [RFC9370] Tjhai, CJ., Tomlinson, M., Bartlett, G., Fluhrer, S., Van | [RFC9370] Tjhai, CJ., Tomlinson, M., Bartlett, G., Fluhrer, S., Van | |||
| Geest, D., Garcia-Morchon, O., and V. Smyslov, "Multiple | Geest, D., Garcia-Morchon, O., and V. Smyslov, "Multiple | |||
| Key Exchanges in the Internet Key Exchange Protocol | Key Exchanges in the Internet Key Exchange Protocol | |||
| Version 2 (IKEv2)", RFC 9370, DOI 10.17487/RFC9370, May | Version 2 (IKEv2)", RFC 9370, DOI 10.17487/RFC9370, May | |||
| 2023, <https://www.rfc-editor.org/info/rfc9370>. | 2023, <https://www.rfc-editor.org/info/rfc9370>. | |||
| [RFC9867] Smyslov, V., "Mixing Preshared Keys in the | [RFC9867] Smyslov, V., "Mixing Preshared Keys in the | |||
| IKE_INTERMEDIATE and CREATE_CHILD_SA Exchanges of the | IKE_INTERMEDIATE and CREATE_CHILD_SA Exchanges of the | |||
| Internet Key Exchange Protocol Version 2 (IKEv2) for Post- | Internet Key Exchange Protocol Version 2 (IKEv2) for Post- | |||
| Quantum Security", RFC 9867, DOI 10.17487/RFC9867, October | Quantum Security", RFC 9867, DOI 10.17487/RFC9867, | |||
| 2025, <https://www.rfc-editor.org/info/rfc9867>. | November 2025, <https://www.rfc-editor.org/info/rfc9867>. | |||
| Appendix A. Use of LKH in G-IKEv2 | Appendix A. Use of LKH in G-IKEv2 | |||
| Section 5.4 of [RFC2627] describes the LKH architecture and how a | Section 5.4 of [RFC2627] describes the LKH architecture and how a | |||
| GCKS uses LKH to exclude GMs. This section clarifies how the LKH | GCKS uses LKH to exclude GMs. This section clarifies how the LKH | |||
| architecture is used with G-IKEv2. | architecture is used with G-IKEv2. | |||
| A.1. Notation | A.1. Notation | |||
| In this section, we will use the notation X{Y}, where a key with ID Y | In this section, we will use the notation X{Y}, where a key with ID Y | |||
| End of changes. 3 change blocks. | ||||
| 4 lines changed or deleted | 4 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||