2.6.5 IP Security Protocol (ipsec)

NOTE: This charter is a snapshot of the 39th IETF Meeting in Munich, Bavaria, Germany. It may now be out-of-date.


Theodore Ts'o <tytso@mit.edu>
Robert Moskowitz <rgm3@chrysler.com>

Security Area Director(s):

Jeffrey Schiller <jis@mit.edu>

Security Area Advisor:

Jeffrey Schiller <jis@mit.edu>

Mailing Lists:

General Discussion: ipsec@tis.com
To Subscribe: ipsec-request@tis.com
Archive: ftp://ftp.tis.com/pub/lists/ipsec

Description of Working Group:

Rapid advances in communication technology have accentuated the need for security in the Internet. The IP Security Protocol Working Group (IPSEC) will develop mechanisms to protect client protocols of IP. A security protocol in the network layer will be developed to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality.

The protocol formats for the IP Authentication Header (AH) and IP Encapsulating Security Payload (ESP) will be independent of the cryptographic algorithm. The preliminary goals will specifically pursue host-to-host security followed by subnet-to-subnet and host-to-subnet topologies.

Protocol and cryptographic techniques will also be developed to support the key management requirements of the network layer security. The Internet Key Management Protocol (IKMP) will be specified as an application layer protocol that is independent of the lower layer security protocol. The protocol will be based on the ISAKMP/Oakley work begun in:


draft-ietf-ipsec-oakley-01.txt, and


A follow on work item may incorporate mechanisms based on SKIP as defined in:


and related documents. Flexibility in the protocol will allow eventual support of Key Distribution Centers (KDC), such as are used by Kerberos.

Goals and Milestones:



Post as an Internet-Draft the IP Security Protocol.



Post as an Internet-Draft the specification for Internet key management.



Submit the Internet Key Management Protocol to the IESG for consideration as a Proposed Standard.



Conduct initial interoperability testing of Encapsulating Security payload (ESP) and Authentication Header (AH).



Submit revised Internet-Drafts for ESP, AH, and IP Security Architecture.



Submit revised Internet-Drafts of IP Security Architecture, ESP, and AH to the IESG for consideration as Draft Standards.

Dec 96


Submit revised Internet-Drafts of IP Security Architecture, ESP, and AH to the IESG for consideration as Draft Standards.



Submit Internet-Draft of the Internet Key Management Protocol (IKMP) based on ISAKMP/Okay to the IESG for consideration as a Proposed Standard.



Submit Internet-Draft of Internet Key Management Protocol to the IESG for consideration as a Proposed Standard.

Jul 97


Submit IKMP to IESG for consideration as a Draft Standard.


Request For Comments:







IP Authentication using Keyed MD5



IP Authentication Header



Security Architecture for the Internet Protocol



IP Encapsulating Security Payload (ESP)



The ESP DES-CBC Transform



HMAC: Keyed-Hashing for Message Authentication



HMAC-MD5 IP Authentication with Replay Prevention

Current Meeting Report

Minutes of the IPsec Working Group Meeting

Moderator: Ted Ts'o <tytso@mit.edu>, WG Co-Chair

Reported by Rodney Thayer <rodney@sabletech.com>

The WG met on Friday at the IETF meeting in Munich. Approximately 120 people attended. This was MBONE broadcast.


I. Agenda Bashing/Introduction
II. Active WG Documents
III. AH and ESP Review
IV. DES MAC Presentation
V. ISAKMP Review
VI. Architecture Review
VII. Trust Path Topology Presentation
VIII. VPN Presentation
IX. Secure DHCP Presentation
X. IPsec Follow-on Presentation

II. Active WG Documents

Ted presented the list of documents, all 29 of them. This includes top-level, encryption, authentication, key management, and some obsolete Internet Drafts. This does include some that have received little feedback, such as the ISAKMP optimization proposal, and the WG was encouraged to make sure people have reviewed the documents. It was pointed out that there are too many drafts, and we should somehow cut down the number. There was a discussion about what can be advanced, the answer was that some sort of consistent set of documents has to be advanced together so that people can get context when they read them.

III. AH and ESP Review - Steve Kent

Steve Kent reviewed the AH and ESP documents. These together with the Architecture document and the (default, referenced) ESP Cipher and Authentication drafts would make up the minimal set that can be advanced. There was a discussion of window size, which has carried forward to the mailing list. There was some discussion about mutable fields being zero and not some predicted value. There was discussion about sequence number rollover if manually keyed (conclusion: ignore rollover). There was mention that the defaults are now DES/CBC, HMAC-MD5(?), and 64 packet replay window.

IV. DES MAC Presentation - Sara Bitan

This was a proposal to use DES as a MAC algorithm -- do a separate DES operation and use the last DES block (64-bits) as the MAC value. A draft has been written and submitted. The motivation is that you can get DES chips, Authentication algorithms are slow and auth chips are hard to buy (a consideration outside the US)

V. ISAKMP Review - Doug Maughan

Doug Maughan presented the current ISAKMP (V8) draft. There was some discussion about field alignment and padding.

VI. IPSec Architecture Review - Steve Kent

Steve Kent went over the current draft of the Architecture document. There was discussion about 'selectors' (an old section in the document which has received little comment), IPv6 'Class', DOI vs. Architecture inconsistencies. There was discussion about whether ESP should be mandatory for IPv4. A modest amount of Multicast discussion was volunteered to be added to the document.

VII. Topology Discovery - Sara Bitan

Sara Bitan presented a proposal for topology discovery using secure paths among routers.

VIII. Virtual Private Networks - Naganand Doraswamy

Naganand presented a proposal on VPN scenarios using IPsec, with a proposal to add a "TX" DNS record type. There was discussion on whether ICMP could be used, or other schemes.

IX. Secure DHCP - B. Patel

B. Patel did a presentation on how to use DHCP in a secure manner with Ipsec, based on a two stage procedure using two DHCP servers, one untrusted and one trusted.

X. IPsec Follow-on - Steve Bellovin

Steve Bellovin presented his view of what has to happen next with IPsec, dividing things into "critical path," "Useful," and "Hard" items. The only thing left on the critical path is a MIB. There was discussion that there needs to be more somewhere about how applications can use IPsec.


None Received

Attendees List

go to list

Previous PageNext Page