Provisioning of Symmetric Keys (keyprov)

Last Modified: 2008-03-13

Additional information is available at tools.ietf.org/wg/keyprov

Chair(s):

  • Phillip Hallam-Baker <pbaker@verisign.com>

  • Hannes Tschofenig <Hannes.Tschofenig@gmx.net>

    Security Area Director(s):

  • Tim Polk <tim.polk@nist.gov>
  • Pasi Eronen <pasi.eronen@nokia.com>

    Security Area Advisor:

  • Pasi Eronen <pasi.eronen@nokia.com>

    Mailing Lists:

    General Discussion: keyprov@ietf.org
    To Subscribe: https://www1.ietf.org/mailman/listinfo/keyprov
    Archive: http://www1.ietf.org/mail-archive/web/keyprov/current/index.html

    Description of Working Group:

    Current developments in deployment of Shared Symmetric Key (SSK)
    tokens have highlighted the need for a standard protocol for
    provisioning symmetric keys.

    The need for provisioning protocols in PKI architectures has been
    recognized for some time. Although the existence and architecture of
    these protocols provide a feasibility proof for the KEYPROV work,
    assumptions built into these protocols mean that it is not possible
    to apply them to symmetric key architectures without substantial
    modification.

    In particular, the ability to provision symmetric keys and associated
    attributes dynamically to already issued devices such as cell phones
    and USB drives is highly desirable. The working group will develop
    the necessary protocols and data formats required to support
    provisioning and management of symmetric key authentication tokens,
    both proprietary and standards based.

    Input Documents
    ---------------

    The following Internet drafts have been proposed by their authors as
    input documents:

    * Dynamic Symmetric Key Provisioning Protocol (M. Pei, S. Machani)
    * Portable Symmetric Key Container (A. Vassilev, J. Martinsson, M.
    Pei, P. Hoyer, S. Machani)
    * Extensions to CT-KIP to support one- and two-pass key
    initialization (M. Nystroem, S. Machani)

    Scope and Deliverables
    ----------------------

    The scope of the working group shall be to define protocols and data
    formats necessary for provisioning of symmetric cryptographic keys
    and associated attributes.

    The group shall consider use cases related to use of Shared Symmetric
    Key Tokens. Other use cases may be considered for the purpose of
    avoiding unnecessary restrictions in the design and ensuring the
    potential for future extensibility.

    The working group will produce the following deliverables:

    * Portable Symmetric Key Container
    * Dynamic Symmetric Key Provisioning Protocol

    Goals and Milestones:

    Jun 2007  WG Last Call Portable Symmetric Key Container
    Jun 2007  WG Last Call Dynamic Symmetric Key Provisioning Protocol
    Aug 2007  IETF Last Call Portable Symmetric Key Container
    Aug 2007  IETF Last Call Dynamic Symmetric Key Provisioning Protocol
    Jan 2008  Complete implementation and interoperability tests
    Jan 2008  WG documents to DRAFT Standard Status

    Internet-Drafts:

    Dynamic Symmetric Key Provisioning Protocol (DSKPP) (222580 bytes)
    Portable Symmetric Key Container (118761 bytes)
    Symmetric Key Package Content Type (14778 bytes)

    No Request For Comments

