Intradomain Group Key Management Protocol draft-ietf-ipsec-intragkm-00.txt

1. Intradomain Group Key Management Protocoldraft-ietf-ipsec-intragkm-00.txt Thomas Hardjono Brad Cain Inder Monga Nortel Networks

2. Brief Description • Domain divided into a number of “areas” • Areas are administratively-scoped • Distinguish: data group and control-group • Each area has N control-groups • A member in an area also joins one control-group • Special control-group: All-KD-group • One control group may serve multiple multicast (data) groups

3. Brief Description • Key Distributors: • Domain: Domain Key Distributor (DKD) • Area: Area Key Distributor (AKD) • Keys: • Multicast-Key for data group • Area-Group-Key for area control group • All-KD-Key for special All-KD-group • Area-Group-Key unique for each (multicast group, control-group) pair