Updated IPSEC Charter

[Paul_Lambert@poncho.phx.sectel.mot.com (Paul Lambert)]

Subject:      Updated IPSEC Charter
Message:
The following is a draft of an updated charter for the IPSEC
Working Group.  Three additional issue areas were added to the
chater - the realationship of IPSEC to the IP suite of protocols,
Rpeek throughS, and labeling.  Note also some small changes in the
schedule.

Paul

----------------------------------------------------------------
                Draft of Updated IPSEC Charter
----------------------------------------------------------------

Internet Protocol Security Protocol (ipsec)

Charter 
 
Chair(s):
     Al Hoover     <hoover@ans.net>
     Paul Lambert  <paul_lambert@email.mot.com>
 
Security Area Director(s) 
     Steve Crocker  <crocker@tis.com>
 
Mailing lists: 
     General Discussion:ipsec@ans.net
     To Subscribe:      ipsec-request@ans.net
     Archive:           ftp.ans.net:~/pub/archive/ipsec

Description of Working Group:

Rapid advances in communication technology have accentuated the need for 
security in the Internet.  The IP Security Protocol Working Group 
(IPSEC) will develop mechanisms to protect client protocols of IP.  The 
IPSEC Working Group will develop a security protocol in the network 
layer to provide cryptographic security services that will flexibly 
support combinations of authentication, integrity, access control, and 
confidentiality.  The protocol formats for the IP Security Protocol 
(IPSP) will be independent of the cryptographic algorithm.  The 
preliminary goals will specifically pursue host-to-host security 
followed by subnet-to-subnet and host-to-subnet topologies.

The working group will examine the relationship of network security the 
suite of IP protocols.  This investigation will include the examination 
of IP as a client of IPSP running over IP.  Recommendations documented 
in the IPSP specification will provide guidelines to protect the IP 
suite of protocols.

The cryptographic encapsulation may hide information that is useful to 
network.  This information may include security labels, addresses, and 
protocol identifiers.  The working group will examine the mapping of 
encapsulated protocol information onto unprotected fields and guidelines 
for any required Rpeek-throughS of information.

Protocol and cryptographic techniques will also be developed to support 
the key management requirements of the IPSP.  The key management will be 
specified as an application layer protocol that is independent of the 
lower layer security protocol.  The protocol will initially support 
public key based techniques.  Flexibility in the protocol will allow 
eventual support of Key Distribution Center (KDC -- such as Kerberos) 
and manual distribution approaches.

Goals and Milestones: 
 
   Mar 93 Review distributed documents and status of related activities. 
          Establish liaisons to IPSO/CIPSO and IPv7 working groups.

   Mar 93 Review pilot experiments with cryptographic network security.

   Mar 93 Post as an Internet-Draft a preliminary version of the IP 
          Security Protocol that supports host-to-host security.

   Mar 93 Review pilot experiments with cryptographic network security.  
          Discuss, debate, and refine the framework for IPSP based on 
          pilot experiments.  Assign writing tasks, and identify issues 
          to be resolved.  Action items will include will include labels 
          (IPSO/CIPSO), Rpeek-through,S support of IP suite, and IP over 
          IPSP over IP.

   Mar 93 Establish baseline goals and starting points for Internet Key 
          Management.

   Jul 93 Update the IPSP Internet-Draft to include subnet-to-subnet and 
          host-to-subnet topologies.  Include preliminary text on 
          labels, Rpeek-through,S and protection of IP suite.

   Jul 93 Review related key management activities, preliminary 
          proposals, and pilot experiments for Internet Key Management.

   Nov 93 Discuss, debate, and establish approaches for third-party 
          interactions for key management (e.g., Kerberos like Key 
          Distribution Center).

   Nov 93 Post as an Internet-Draft a preliminary specification for 
          Internet Key Management.  The specification will support a 
          public key based key establishment mechanism.

   Nov 93 Discuss, debate, and establish approaches for third-party 
          interactions for key management (e.g., Kerberos like Key 
          Distribution Center).

   Nov 93 Report on Pilot Implementation of the IP Security Protocol.
          Update Protocol as needed.

   Mar 94 Report on Pilot implementation of the Internet Key Management 
          Protocol. Update Internet-Draft to include third-party 
          interactions for KDC support.

   Jul 94 Submit the IP Security Protocol to the IESG for consideration 
          as a Proposed Standard.

   Jul 94 Report on Pilot implementation of the Internet Key Management 
          with KDC support.

   Nov 94 Submit the Internet Key Management Protocol to the IESG for 
          consideration as a Proposed Standard.

---

• Prev by Date: Draft IPSEC Agenda
• Prev by thread: Draft IPSEC Agenda
• Index(es):
  • Main
  • Thread