ietf-openproxy

IETF49 Multicast Security (MSEC) BOF details

2000-11-01 14:29:46

Folks,

This might be of some interest to open-proxy,
as some of the technology may be applicable.

Yours,

Thomas Hardjono
---------------
---------------------------------------------------------------------------
Multicast Security BOF (msec)

Tuesday, December 12 at 1415-1515
Tuesday, December 12 at 1700-1800
=================================

CHAIR: Ran Canetti <canetti(_at_)watson(_dot_)ibm(_dot_)com>
       Thomas Hardjono <hardjono(_at_)nortelnetworks(_dot_)com>

DESCRIPTION:

There is significant interest in the networking industry and content
delivery network industry to use IP multicast as a vehicle for data
delivery to a large audience.  One major hindrance to the successful
deployment of IP multicast and other group-oriented communication
protocols has been the lack of security for both the content and the
content-delivery infrastructure. In particular, there has been
increasing demand for secure solutions for the 1-to-Many type of
group communications, as exemplified by the interest of the cable
television sector in using the Internet for content distribution and
by the recent emergence of the single-source paradigm in IP
multicasting.

To this end, the Secure Multicast (SMuG) research group was formed in
1998 under the umbrella of the IRTF. That group has characterized the
security concerns and problem areas, has come up with a framework for
an overall solution, and has developed protocols for solving much of
the problem space in a satisfactory manner. Several of these protocols
have reached the needed maturity to be considered for standardization
at the IETF.

The proposed WG will further develop and standardize the protocols
developed at the SMuG RG. The focus will be on mature protocols that
are deployable in the short term in today's internet. The SMuG RG will
continue to examine issues that need further research, delivering
protocols to MSEC when they are mature. In the immediate future
MSEC will focus on the 1-to-Many group communication, and will
address at least the following issues:

- Developing the transformations to be applied to the multicasted data.
  These transformations will provide at least the following
  functionalities:
  + Encryption of data using a group key available to all members.
  + Source and Data Authentications even when the data receivers
    do not trust each other.
  Both functionalities are required for content-authors and
  content-distributors. They represent an important element in the
  larger digital rights management area.

- Group Security Association and Key Management. Secure protocols are
  needed for management of cryptographic keys and Security Associations
  for groups. These include techniques for initial key dissemination,
  key updates and refreshments, and Group Security Association (Group
  SA) management.

Depending on the acceptance and stability of the above two issues, the
following issues will be addressed by the WG in the immediate future:

- Group Security Policies. Different levels of policies exist for a
  group, covering a range from member behavior to cryptographic policies.

- Secure group announcements.  Information regarding the existence of a
  group, its policies, base security mechanisms and methods for joining
  needs to be announced in a suitable manner.

Secure multicast touches upon the work of several other working groups.
The proposed WG will take care to coordinate its activities with the
relevant directorates (security, routing, transport) and especially
with the IPSec and RMT working groups.

The WG will not work on:
- Security issues at firewalls and NATs relating to multicast traffic.
- Protection against illegal re-distribution of multicasted data.


AGENDA:

10 mins - Agenda bashing

10 mins - Charter presentation

80 mins - Internet draft presentations:

  10 mins - Taxonomy of multicast security concerns
            (draft-irtf-smug-taxonomy-01.txt)
  10 mins - Framework overview (draft-irtf-smug-framework-01.txt)
            - Data transforms:
  10 mins     - Overall design (draft-irtf-smug-data-transforms-00.txt)
  10 mins     - Source authentication (draft-irtf-smug-tesla-00.txt)
            - Group key and SA management
  10 mins     - GKM Building Block (draft-irtf-smug-gkmbb-gsadef-00.txt)
  10 mins     - GSAKMP (draft-harney-sparta-gsakmp-sec-02.txt)
  10 mins     - Group DOI for ISAKMP (draft-irtf-smug-gdoi-00.txt)
  10 mins - Group policy management (draft-mcast-pol-req00.txt)

20 mins - Open Discussion (work descriptions, objectives, goals/milestones)


MAILING LIST

The mailing list is at msec-request(_at_)securemulticast(_dot_)org (or email the
chairs).
The website is at www.securemulticast.org


READING MATERIAL
    draft-irtf-smug-taxonomy-02.txt
    draft-irtf-smug-framework-01.txt
    draft-irtf-smug-data-transforms-01.txt
    draft-irtf-smug-tesla-00.txt
    draft-irtf-smug-gkmbb-gsadef-00.txt
    draft-harney-sparta-gsakmp-sec-02.txt
    draft-irtf-smug-gdoi-00.txt
    draft-irtf-smug-pol-req00.txt
---------------------------------------------------------------------------

