
From internet-drafts@ietf.org  Mon Aug  8 17:35:46 2011
Return-Path: <internet-drafts@ietf.org>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85F5C21F8B47; Mon,  8 Aug 2011 17:35:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.577
X-Spam-Level: 
X-Spam-Status: No, score=-102.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b6y1+2DZTSO3; Mon,  8 Aug 2011 17:35:46 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E63721F8B1F; Mon,  8 Aug 2011 17:35:46 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 3.57
Message-ID: <20110809003546.16442.29745.idtracker@ietfa.amsl.com>
Date: Mon, 08 Aug 2011 17:35:46 -0700
Cc: msec@ietf.org
Subject: [MSEC] I-D Action: draft-ietf-msec-gdoi-update-10.txt
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2011 00:35:46 -0000

A New Internet-Draft is available from the on-line Internet-Drafts
directories. This draft is a work item of the Multicast Security Working
Group of the IETF.

	Title           : The Group Domain of Interpretation
	Author(s)       : Brian Weis
                          Sheela Rowles
                          Thomas Hardjono
	Filename        : draft-ietf-msec-gdoi-update-10.txt
	Pages           : 69
	Date            : 2011-08-08

   This document describes the Group Domain of Interpretation (GDOI)
   protocol specified in RFC 3547.  The GDOI provides group key
   management to support secure group communications according to the
   architecture specified in RFC 4046.  The GDOI manages group security
   associations, which are used by IPsec and potentially other data
   security protocols.  This document replaces RFC 3547.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-msec-gdoi-update-10.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-msec-gdoi-update-10.txt

From internet-drafts@ietf.org  Fri Aug 12 10:57:12 2011
Return-Path: <internet-drafts@ietf.org>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FDAA21F86F6; Fri, 12 Aug 2011 10:57:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.568
X-Spam-Level: 
X-Spam-Status: No, score=-102.568 tagged_above=-999 required=5 tests=[AWL=0.031, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YhBYxo6BJhMi; Fri, 12 Aug 2011 10:57:11 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEB8721F84D8; Fri, 12 Aug 2011 10:57:11 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 3.57
Message-ID: <20110812175711.1469.93481.idtracker@ietfa.amsl.com>
Date: Fri, 12 Aug 2011 10:57:11 -0700
Cc: msec@ietf.org
Subject: [MSEC] I-D Action: draft-ietf-msec-gdoi-update-11.txt
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2011 17:57:12 -0000

A New Internet-Draft is available from the on-line Internet-Drafts
directories. This draft is a work item of the Multicast Security Working
Group of the IETF.

	Title           : The Group Domain of Interpretation
	Author(s)       : Brian Weis
                          Sheela Rowles
                          Thomas Hardjono
	Filename        : draft-ietf-msec-gdoi-update-11.txt
	Pages           : 70
	Date            : 2011-08-12

   This document describes the Group Domain of Interpretation (GDOI)
   protocol specified in RFC 3547.  The GDOI provides group key
   management to support secure group communications according to the
   architecture specified in RFC 4046.  The GDOI manages group security
   associations, which are used by IPsec and potentially other data
   security protocols.  This document replaces RFC 3547.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-msec-gdoi-update-11.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-msec-gdoi-update-11.txt

From iesg-secretary@ietf.org  Mon Aug 15 13:22:05 2011
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 919AB21F8C89; Mon, 15 Aug 2011 13:22:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.539
X-Spam-Level: 
X-Spam-Status: No, score=-102.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VWJPYaJp0v1P; Mon, 15 Aug 2011 13:22:05 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B13F021F8C0C; Mon, 15 Aug 2011 13:22:04 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 3.58
Message-ID: <20110815202204.21842.13570.idtracker@ietfa.amsl.com>
Date: Mon, 15 Aug 2011 13:22:04 -0700
Cc: msec mailing list <msec@ietf.org>, msec chair <msec-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: [MSEC] Protocol Action: 'The Group Domain of Interpretation' to Proposed	Standard (draft-ietf-msec-gdoi-update-11.txt)
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2011 20:22:05 -0000

The IESG has approved the following document:
- 'The Group Domain of Interpretation'
  (draft-ietf-msec-gdoi-update-11.txt) as a Proposed Standard

This document is the product of the Multicast Security Working Group.

The IESG contact persons are Sean Turner and Stephen Farrell.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-msec-gdoi-update/




Technical Summary

   This document describes an updated version of the Group Domain of
   Interpretation (GDOI) protocol specified in RFC 3547.  The GDOI
   provides group key management to support secure group communications
   according to the architecture specified in RFC 4046.  The GDOI
   manages group security associations, which are used by IPsec and
   potentially other data security protocols.

Working Group Summary

   This document, in its initial form (2006-2007) raised little discussion
   in the group. Then it entered dormant mode till its revival in 2010.
   Since then several reviews took place and issues found have been
   gracefully corrected.

Document Quality

   Cisco has a GDOI implementation. The experience gained while
   implementing GDOI justified recent changes to the document. 

Personnel

   Vincent Roca (vincent.roca@inria.fr) is the Document Shepherd.
   Sean Turner (turners@ieca.com) is the responsible AD.




From sampreeth@gmail.com  Tue Aug 23 03:00:14 2011
Return-Path: <sampreeth@gmail.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B105921F87E2 for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 03:00:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RK7Um+cIpPJw for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 03:00:14 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id 384E121F87D9 for <msec@ietf.org>; Tue, 23 Aug 2011 03:00:14 -0700 (PDT)
Received: by yxj17 with SMTP id 17so3525804yxj.31 for <msec@ietf.org>; Tue, 23 Aug 2011 03:01:21 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.236.154.199 with SMTP id h47mr21742950yhk.81.1314093681429; Tue, 23 Aug 2011 03:01:21 -0700 (PDT)
Received: by 10.236.34.229 with HTTP; Tue, 23 Aug 2011 03:01:21 -0700 (PDT)
Date: Tue, 23 Aug 2011 15:31:21 +0530
Message-ID: <CAODMbr1Q4AjkPNAdnNnAM-Z=QDN_qThixiah7tTRiOspFQJ7dg@mail.gmail.com>
From: sampreeth ramavana <sampreeth@gmail.com>
To: msec@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: [MSEC] multicast security protocols
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2011 10:01:36 -0000

Hi,

For implementing multicast security at the application layer, which key
management protocol is recommended, in terms of widely used, deployed
and more secure?
I could see RFCs for GDOI, MIKEY and GSAKMP. Your inputs are greatly
appreciated.

Thanks,
Sampreeth

From sampreeth@gmail.com  Tue Aug 23 22:34:38 2011
Return-Path: <sampreeth@gmail.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C9AE21F8BB9 for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 22:34:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QCLbbDrp3Tu4 for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 22:34:38 -0700 (PDT)
Received: from mail-yi0-f44.google.com (mail-yi0-f44.google.com [209.85.218.44]) by ietfa.amsl.com (Postfix) with ESMTP id 2155D21F8BAD for <msec@ietf.org>; Tue, 23 Aug 2011 22:34:38 -0700 (PDT)
Received: by yie12 with SMTP id 12so770215yie.31 for <msec@ietf.org>; Tue, 23 Aug 2011 22:35:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.150.213.8 with SMTP id l8mr5065324ybg.214.1314164147554; Tue, 23 Aug 2011 22:35:47 -0700 (PDT)
Received: by 10.236.34.229 with HTTP; Tue, 23 Aug 2011 22:35:47 -0700 (PDT)
Date: Wed, 24 Aug 2011 11:05:47 +0530
Message-ID: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com>
From: sampreeth ramavana <sampreeth@gmail.com>
To: msec@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 05:34:38 -0000

Hi All,

Is there any multicast security protocol that can be implemented in
the application layer?

I was seeing the GDOI protocol was mainly talking about implementing
using the IPSec at the IP layer. Can GDOI protocol also be useful if
implemented at application layer.

Thanks,
Sampreeth

From ken@codelabs.ch  Tue Aug 23 23:53:19 2011
Return-Path: <ken@codelabs.ch>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E54D121F8AD2 for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 23:53:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0OhWh4zO9xDw for <msec@ietfa.amsl.com>; Tue, 23 Aug 2011 23:53:19 -0700 (PDT)
Received: from fenrir.codelabs.ch (mail.codelabs.ch [217.150.249.120]) by ietfa.amsl.com (Postfix) with ESMTP id E605221F8A56 for <msec@ietf.org>; Tue, 23 Aug 2011 23:53:18 -0700 (PDT)
X-Virus-Scanned: by codelabs.ch
Message-ID: <4E54A020.4020600@codelabs.ch>
Date: Wed, 24 Aug 2011 08:54:24 +0200
From: Adrian-Ken Rueegsegger <ken@codelabs.ch>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110818 Icedove/3.0.11
MIME-Version: 1.0
To: sampreeth ramavana <sampreeth@gmail.com>
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com>
In-Reply-To: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com>
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 06:53:20 -0000

Hi Sampreeth,

On 08/24/2011 07:35 AM, sampreeth ramavana wrote:
> Hi All,
> 
> Is there any multicast security protocol that can be implemented in
> the application layer?
> 
> I was seeing the GDOI protocol was mainly talking about implementing
> using the IPSec at the IP layer. Can GDOI protocol also be useful if
> implemented at application layer.

GDOI can be extended to provide key material for other protocols. Mark,
Sheela and I wrote a draft (which has since expired) which specifies the
usage of GDOI with SRTP [1].

Regards,
Adrian

[1] - http://tools.ietf.org/html/draft-ietf-msec-gdoi-srtp

From sheela@cisco.com  Wed Aug 24 07:09:49 2011
Return-Path: <sheela@cisco.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4D2B21F86AA for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 07:09:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=-4.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RkwhHIs1uGHX for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 07:09:49 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id 2B33121F8678 for <msec@ietf.org>; Wed, 24 Aug 2011 07:09:49 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.68,275,1312156800"; d="scan'208";a="16049543"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by rcdn-iport-6.cisco.com with ESMTP; 24 Aug 2011 14:10:43 +0000
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by mtv-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id p7OEAhKI009463; Wed, 24 Aug 2011 14:10:43 GMT
Received: from xmb-sjc-224.amer.cisco.com ([128.107.191.98]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675);  Wed, 24 Aug 2011 07:10:43 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 24 Aug 2011 07:10:40 -0700
Message-ID: <6B9C4B97B82F924485E26968EB05A6EE0D113659@xmb-sjc-224.amer.cisco.com>
In-Reply-To: <4E54A020.4020600@codelabs.ch>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
thread-topic: [MSEC] Application layer multicast security protocol
Thread-Index: AcxiKrLPEo/N42Q1TqGuzA6h3oSJ5wAPLVOg
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com> <4E54A020.4020600@codelabs.ch>
From: "Sheela Rowles (sheela)" <sheela@cisco.com>
To: "Adrian-Ken Rueegsegger" <ken@codelabs.ch>, "sampreeth ramavana" <sampreeth@gmail.com>, "Dan Wing (dwing)" <dwing@cisco.com>
X-OriginalArrivalTime: 24 Aug 2011 14:10:43.0353 (UTC) FILETIME=[9C7D9090:01CC6267]
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 14:09:50 -0000

Added Dan Wing since the GDOI/SRTP draft was dropped because Dan Wing
had an alternative draft.  Sorry can't remember the details now.

Sheela

-----Original Message-----
From: msec-bounces@ietf.org [mailto:msec-bounces@ietf.org] On Behalf Of
Adrian-Ken Rueegsegger
Sent: Tuesday, August 23, 2011 11:54 PM
To: sampreeth ramavana
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol

Hi Sampreeth,

On 08/24/2011 07:35 AM, sampreeth ramavana wrote:
> Hi All,
>
> Is there any multicast security protocol that can be implemented in
> the application layer?
>
> I was seeing the GDOI protocol was mainly talking about implementing
> using the IPSec at the IP layer. Can GDOI protocol also be useful if
> implemented at application layer.

GDOI can be extended to provide key material for other protocols. Mark,
Sheela and I wrote a draft (which has since expired) which specifies the
usage of GDOI with SRTP [1].

Regards,
Adrian

[1] - http://tools.ietf.org/html/draft-ietf-msec-gdoi-srtp
_______________________________________________
MSEC mailing list
MSEC@ietf.org
https://www.ietf.org/mailman/listinfo/msec

From Adam.Lewis@motorolasolutions.com  Wed Aug 24 05:14:17 2011
Return-Path: <Adam.Lewis@motorolasolutions.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4579721F8AD3 for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 05:14:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level: 
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Biw7wgDbVIoM for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 05:14:16 -0700 (PDT)
Received: from mail119.messagelabs.com (mail119.messagelabs.com [216.82.241.195]) by ietfa.amsl.com (Postfix) with ESMTP id 68D6021F8B02 for <msec@ietf.org>; Wed, 24 Aug 2011 05:14:16 -0700 (PDT)
X-Env-Sender: Adam.Lewis@motorolasolutions.com
X-Msg-Ref: server-10.tower-119.messagelabs.com!1314188124!25708735!1
X-Originating-IP: [136.182.1.12]
X-StarScan-Version: 6.3.6; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 13092 invoked from network); 24 Aug 2011 12:15:25 -0000
Received: from motgate2.mot-solutions.com (HELO motgate2.mot-solutions.com) (136.182.1.12) by server-10.tower-119.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 24 Aug 2011 12:15:25 -0000
Received: from il27exr01.cig.mot.com (il27exr01.mot.com [10.17.196.70]) by motgate2.mot-solutions.com (8.14.3/8.14.3) with ESMTP id p7OCFOZS014588 for <msec@ietf.org>; Wed, 24 Aug 2011 05:15:24 -0700 (MST)
Received: from il06exr03.mot.com (il06vts02.mot.com [129.188.137.142]) by il27exr01.cig.mot.com (8.13.1/Vontu) with ESMTP id p7OCFNgH004938 for <msec@ietf.org>; Wed, 24 Aug 2011 07:15:23 -0500 (CDT)
Received: from de01exm70.ds.mot.com (de01exm70.am.mot.com [10.176.8.26]) by il06exr03.mot.com (8.13.1/8.13.0) with ESMTP id p7OCFM4U001368 for <msec@ietf.org>; Wed, 24 Aug 2011 07:15:22 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 24 Aug 2011 08:14:59 -0400
Message-ID: <1F9250DB00086D4E90A7FBC13C5EAF540F1847AA@de01exm70.ds.mot.com>
In-Reply-To: <4E54A020.4020600@codelabs.ch>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [MSEC] Application layer multicast security protocol
thread-index: AcxiKrJqwXH5uf3xSDCTn3gs4C9pSgALHvgw
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com> <4E54A020.4020600@codelabs.ch>
From: "Lewis Adam-CAL022" <Adam.Lewis@motorolasolutions.com>
To: "Adrian-Ken Rueegsegger" <ken@codelabs.ch>, "sampreeth ramavana" <sampreeth@gmail.com>
X-CFilter-Loop: Reflected
X-Mailman-Approved-At: Wed, 24 Aug 2011 09:02:57 -0700
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 12:17:19 -0000

You can also take a look at MIKEY (rfc3830).

MIKEY can bootstrap SRTP/SRTCP, but it's really a very generic key
transport protocol that transports a crypto key (could be a group key)
from point A to point B.  Your application can use the key as it sees
fit.

adam



-----Original Message-----
From: msec-bounces@ietf.org [mailto:msec-bounces@ietf.org] On Behalf Of
Adrian-Ken Rueegsegger
Sent: Wednesday, August 24, 2011 1:54 AM
To: sampreeth ramavana
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol

Hi Sampreeth,

On 08/24/2011 07:35 AM, sampreeth ramavana wrote:
> Hi All,
>
> Is there any multicast security protocol that can be implemented in
> the application layer?
>
> I was seeing the GDOI protocol was mainly talking about implementing
> using the IPSec at the IP layer. Can GDOI protocol also be useful if
> implemented at application layer.

GDOI can be extended to provide key material for other protocols. Mark,
Sheela and I wrote a draft (which has since expired) which specifies the
usage of GDOI with SRTP [1].

Regards,
Adrian

[1] - http://tools.ietf.org/html/draft-ietf-msec-gdoi-srtp

From mbaugher@cisco.com  Wed Aug 24 10:27:07 2011
Return-Path: <mbaugher@cisco.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E32921F85B9 for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 10:27:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hVuuL+rnilVX for <msec@ietfa.amsl.com>; Wed, 24 Aug 2011 10:27:06 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id A776521F8562 for <msec@ietf.org>; Wed, 24 Aug 2011 10:27:06 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.68,276,1312156800"; d="scan'208";a="16132469"
Received: from mtv-core-2.cisco.com ([171.68.58.7]) by rcdn-iport-2.cisco.com with ESMTP; 24 Aug 2011 17:28:15 +0000
Received: from sjc-mbaugher-8712.cisco.com (sjc-mbaugher-8712.cisco.com [10.19.93.35]) by mtv-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id p7OHSEp7014806; Wed, 24 Aug 2011 17:28:15 GMT
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: Mark Baugher <mbaugher@cisco.com>
In-Reply-To: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com>
Date: Wed, 24 Aug 2011 10:28:14 -0700
Content-Transfer-Encoding: 7bit
Message-Id: <A33534CC-EBED-4EE5-B4A6-5320F5476DD5@cisco.com>
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com>
To: sampreeth ramavana <sampreeth@gmail.com>
X-Mailer: Apple Mail (2.1084)
Cc: msec@ietf.org
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 17:27:07 -0000

Yes, GDOI, like ISAKMP, is intended to support a variety of applications
in user space and in the kernel.  The current open source implementation
is closely tied to IPsec, however, and changes will need to be made to
extend it beyond IPsec.

Mark
On Aug 23, 2011, at 10:35 PM, sampreeth ramavana wrote:

> Hi All,
> 
> Is there any multicast security protocol that can be implemented in
> the application layer?
> 
> I was seeing the GDOI protocol was mainly talking about implementing
> using the IPSec at the IP layer. Can GDOI protocol also be useful if
> implemented at application layer.
> 
> Thanks,
> Sampreeth


From sampreeth@gmail.com  Thu Aug 25 02:50:08 2011
Return-Path: <sampreeth@gmail.com>
X-Original-To: msec@ietfa.amsl.com
Delivered-To: msec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 036EC21F8562 for <msec@ietfa.amsl.com>; Thu, 25 Aug 2011 02:50:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level: 
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zgMlDuGUVsrw for <msec@ietfa.amsl.com>; Thu, 25 Aug 2011 02:50:07 -0700 (PDT)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id 4E12421F850B for <msec@ietf.org>; Thu, 25 Aug 2011 02:50:07 -0700 (PDT)
Received: by gwb20 with SMTP id 20so1889922gwb.31 for <msec@ietf.org>; Thu, 25 Aug 2011 02:51:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.236.116.194 with SMTP id g42mr39177096yhh.0.1314265880195; Thu, 25 Aug 2011 02:51:20 -0700 (PDT)
Received: by 10.236.34.229 with HTTP; Thu, 25 Aug 2011 02:51:20 -0700 (PDT)
In-Reply-To: <1F9250DB00086D4E90A7FBC13C5EAF540F1847AA@de01exm70.ds.mot.com>
References: <CAODMbr0VCDd+m+3VunK8HOx1r+cmncQubWQAH0hCweVMqrpOzg@mail.gmail.com> <4E54A020.4020600@codelabs.ch> <1F9250DB00086D4E90A7FBC13C5EAF540F1847AA@de01exm70.ds.mot.com>
Date: Thu, 25 Aug 2011 15:21:20 +0530
Message-ID: <CAODMbr0pY8LxCeQWKQ-SrDmOy0q+0WnEBiQved_Z2po3ceZM=Q@mail.gmail.com>
From: sampreeth ramavana <sampreeth@gmail.com>
To: msec@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: Lewis Adam-CAL022 <Adam.Lewis@motorolasolutions.com>
Subject: Re: [MSEC] Application layer multicast security protocol
X-BeenThere: msec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multicast Security List <msec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/msec>, <mailto:msec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/msec>
List-Post: <mailto:msec@ietf.org>
List-Help: <mailto:msec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/msec>, <mailto:msec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Aug 2011 09:50:08 -0000

Hi All,

Thanks for all the responses. SRTP along with MIKEY/GDOI seems to fit
well. Are there any open source implementations of MIKEY?

Also, is SRTP tested if it is useful for streaming media? I am asking
this because most of the references to SRTP were for VoIP applications.

Thanks,
Sampreeth

On Wed, Aug 24, 2011 at 5:44 PM, Lewis Adam-CAL022
<Adam.Lewis@motorolasolutions.com> wrote:
> You can also take a look at MIKEY (rfc3830).
>
> MIKEY can bootstrap SRTP/SRTCP, but it's really a very generic key
> transport protocol that transports a crypto key (could be a group key)
> from point A to point B.  Your application can use the key as it sees
> fit.
>
> adam
>
>
>
> -----Original Message-----
> From: msec-bounces@ietf.org [mailto:msec-bounces@ietf.org] On Behalf Of
> Adrian-Ken Rueegsegger
> Sent: Wednesday, August 24, 2011 1:54 AM
> To: sampreeth ramavana
> Cc: msec@ietf.org
> Subject: Re: [MSEC] Application layer multicast security protocol
>
> Hi Sampreeth,
>
> On 08/24/2011 07:35 AM, sampreeth ramavana wrote:
>> Hi All,
>>
>> Is there any multicast security protocol that can be implemented in
>> the application layer?
>>
>> I was seeing the GDOI protocol was mainly talking about implementing
>> using the IPSec at the IP layer. Can GDOI protocol also be useful if
>> implemented at application layer.
>
> GDOI can be extended to provide key material for other protocols. Mark,
> Sheela and I wrote a draft (which has since expired) which specifies the
> usage of GDOI with SRTP [1].
>
> Regards,
> Adrian
>
> [1] - http://tools.ietf.org/html/draft-ietf-msec-gdoi-srtp
>



--
--------------------------
SAMPREETH
--------------------------
