<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "http://xml.resource.org/authoring/rfc2629.dtd" [
<!ENTITY RFC3830 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3830.xml">
<!ENTITY RFC6043 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6043.xml">
<!ENTITY RFC6509 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6509.xml">
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="info" docName="draft-barnes-mikey-sakke-mcptt-00.txt" ipr="trust200902">
<front>
<title abbrev="MCPTT MIKEY Group Key Transport">Mission Critical Push-to-Talk (MCPTT) Group Key Transport using MIKEY-SAKKE</title>
<author fullname="Mary Barnes" initials="M." surname="Barnes">
<organization></organization>
<address>
<postal>
<street></street>
<city></city>
<region>TX</region>
<code></code>
<country>US</country>
</postal>
<email>mary.ietf.barnes@gmail.com</email>
</address>
</author>
<author fullname="Andrew Allen" initials="A." surname="Allen">
<organization>Blackberry</organization>
<address>
<postal>
<street>1200 Sawgrass Corporate Parkway</street>
<city>Sunrise</city>
<region>FL</region>
<code>33323</code>
<country>US</country>
</postal>
<email>aallen@blackberry.com</email>
</address>
</author>
<date month="May" year="2016"/>
<area>Security</area>
<workgroup>Internet Engineering Task Force</workgroup>
<abstract>
<t> 3GPP TS 33.179 defines the group services
and system aspects for the Security of Mission Critical Push-To-Talk (MCPTT) service.
To create a group's security association, a Group Master Key (GMK) and associated identifier (GMK-ID) are distributed to
MCPTT User Equipment (UE)
by a Group Management Server (GMS). The GMK is distributed encrypted specifically to a user and signed
using an identity representing the Group Management Server.
The GMK is distributed within a Group Key Transport payload, which is a MIKEY-SAKKE I_MESSAGE,
as defined in RFC 6509, which ensures the confidentiality, integrity and authenticity of the payload.
In order to convey the MCPTT-specific service in the MIKEY-SAKKE I_MESSAGE, this document defines
new values for the Type field of the General Extensions Payload Field defined for MIKEY in
RFC 3830, the ID Role field in RFC 6043, and the ID Scheme field in RFC 6509.
</t>
</abstract>
</front>
<middle>
<section title="Overview">
<t> Multimedia Internet KEYing-Sakai-Kasahara
Key Encryption (MIKEY-SAKKE) defines a method of key exchange that uses
Identity-based Public Key Cryptography (IDPKC) to establish a shared
secret value and certificateless signatures to provide source
authentication.
This scheme makes use of a Key Management
Service (KMS) as a root of trust and distributor of key material.
</t>
<t> 3GPP TS 33.179 <xref target="TS33179"/> defines the Group Services
and System Aspects for the Security of Mission Critical Push-To-Talk (MCPTT).
To create a group's security association, a Group Master Key (GMK) and associated identifier (GMK-ID) are
distributed to MCPTT User Equipment (UE) by a Group Management Server (GMS). The GMK is distributed
encrypted specifically to a user and signed using an identity
representing the Group Management Server.
The GMK is distributed within a Group Key Transport payload. This payload is a MIKEY-SAKKE I_MESSAGE, as defined in
RFC 6509 <xref target="RFC6509"/>,
which ensures the confidentiality, integrity and authenticity of the payload. </t>
</section>
<section title="Group Key Transport Payload">
<t>3GPP TS 24.381 <xref target="TS24381"/> details the procedures for composing the MIKEY-SAKKE I_MESSAGE for the Group Key Transport payload.
These procedures require
the definition of new values for the Type field of the General Extensions Payload Field in RFC 3830 <xref target="RFC3830"/>,
the ID Role field in RFC 6043 <xref target="RFC6043"/> and the ID Scheme field in RFC 6509 <xref target="RFC6509"/>.
</t>
<section anchor="type" title="Type field of the General Extensions Payload Field">
<t> RFC 3830 <xref target="RFC3830"/> defines the Type field as a General Extensions Payload Field Name.
Two new values are defined to indicate the general payload types specific to MCPTT.
The following describes the two new values, to be assigned by IANA:
<list style="symbols">
<t>"SAKKE-to-self (value TBD1):" Indicates that the Data field of a General Extension Payload contains a SAKKE Payload
as specified in RFC 6509 <xref target="RFC6509"/>.
</t>
<t> "GMK associated parameters (value TBD2):" Indicates that the Data field of a General Extension Payload
contains the associated parameters
of GMK as specified in 3GPP TS 33.179 <xref target="TS33179"/> figure E.6.1-1.</t>
</list></t>
</section>
<section anchor="IDrole" title="ID Role Field">
<t> The MIKEY-SAKKE I_MESSAGE contains an IDR Payload as defined in
<xref target="RFC6043"/>. The IDR payload uses all the fields from the standard Identity (ID)
payload but expands it with a field describing the role of
the ID payload. The ID Role describes the meaning of the identity itself.
The following describes the two new values, to be assigned by IANA, of the ID Role field specific to MCPTT:
<list style="symbols">
<t>"IDRuidr (value TBD3):" Indicates that the ID Data field of an ID Payload
contains a User Identity (UID) generated from the MCPTT ID of an MCPTT user or a UID generated from the
MCPTT Group ID of an MCPTT group, as specified in 3GPP TS 33.179 <xref target="TS33179"/>.
</t>
<t> "IDRuidi (value TBD4):" Indicates that the ID Data field of an ID Payload contains a UID generated from the GMS's URI
as specified in 3GPP TS 33.179 <xref target="TS33179"/>.</t>
</list></t>
</section>
<section anchor="IDscheme" title="ID Scheme Field">
<t> RFC 6509 <xref target="RFC6509"/> defines the ID Scheme field of the SAKKE Payload.
The following describes the two new values, to be assigned by IANA, for the ID Scheme field for usage in MCPTT:
<list style="symbols">
<t>"MCPTT ID scheme (value TBD5):" Indicates that the SAKKE Data field of a SAKKE Payload contains the GMK encapsulated
to the UID generated from the IDRr payload or extracted from the IDRuidr payload according to 3GPP TS 33.179 <xref target="TS33179"/>
subclause F.2.1.
</t>
<t> "MCPTT SAKKE-to-self (value TBD6):" Indicates that the SAKKE Data field of a SAKKE Payload
contains the GMK encapsulated to the UID generated from the IDRi payload or extracted from the IDRuidi payload
according to 3GPP TS 33.179 <xref target="TS33179"/> subclause F.2.1.</t>
</list></t>
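<t>The nesting described above, where a General Extension Payload of Type SAKKE-to-self carries a SAKKE Payload whose ID Scheme is then checked, can be validated on receipt as in the following Python example. It is an added example, not part of this draft or of any 3GPP code: the numeric values standing in for TBD1 and TBD6, the function names and the sample bytes are constructed, and pairing the SAKKE-to-self Type with the MCPTT SAKKE-to-self ID Scheme is an assumption of the example.</t>
<figure>
<artwork><![CDATA[
```python
import struct

# Constructed placeholders: the draft leaves these values as TBD1 and TBD6
# until IANA assigns them. Do not treat the numbers below as real.
TYPE_SAKKE_TO_SELF = 0xF1          # stands in for TBD1
ID_SCHEME_SAKKE_TO_SELF = 0xF6     # stands in for TBD6

class PayloadError(ValueError):
    """Raised when a payload is truncated, overlong or has an unexpected value."""

def _split(buf, header_fmt, what):
    """Unpack a fixed header whose last field is a 16-bit body length."""
    size = struct.calcsize(header_fmt)
    if len(buf) < size:
        raise PayloadError(f"{what}: truncated header")
    *fields, length = struct.unpack(header_fmt, buf[:size])
    if length > len(buf) - size:
        raise PayloadError(f"{what}: declared length {length} exceeds buffer")
    return fields, buf[size:size + length], buf[size + length:]

def parse_general_extension(buf):
    # RFC 3830 layout: Next payload (8), Type (8), Length (16), Data
    (nxt, ext_type), data, rest = _split(buf, "!BBH", "General Extension")
    return {"next": nxt, "type": ext_type, "data": data}, rest

def parse_sakke(buf):
    # RFC 6509 layout: Next payload (8), SAKKE params (8), ID scheme (8),
    # SAKKE data length (16), SAKKE data
    (nxt, params, scheme), data, rest = _split(buf, "!BBBH", "SAKKE")
    return {"next": nxt, "params": params, "id_scheme": scheme, "data": data}, rest

def extract_sakke_to_self(buf):
    """Return the SAKKE Data nested in a SAKKE-to-self General Extension."""
    ext, _ = parse_general_extension(buf)
    if ext["type"] != TYPE_SAKKE_TO_SELF:
        raise PayloadError(f"unexpected General Extension type {ext['type']}")
    sakke, trailing = parse_sakke(ext["data"])
    if trailing:
        raise PayloadError("trailing bytes after nested SAKKE payload")
    if sakke["id_scheme"] != ID_SCHEME_SAKKE_TO_SELF:
        raise PayloadError(f"unexpected ID scheme {sakke['id_scheme']}")
    return sakke["data"]

def constructed_sample(data=b"\xde\xad\xbe\xef", scheme=ID_SCHEME_SAKKE_TO_SELF):
    """Build a constructed message; the data stands in for SAKKE ciphertext."""
    inner = struct.pack("!BBBH", 0, 1, scheme, len(data)) + data
    return struct.pack("!BBH", 0, TYPE_SAKKE_TO_SELF, len(inner)) + inner
```
]]></artwork>
</figure>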
</section>
</section>
<section title="IANA Considerations">
<t> This document defines new values, required to support MCPTT, for the Type field of the General Extensions Payload Field
in RFC 3830 <xref target="RFC3830"/>, the ID Role field in <xref target="RFC6043">RFC 6043</xref> and
the ID Scheme field in <xref target="RFC6509">RFC 6509</xref>.
The IANA registrations for these new values are described in
the following sections.</t>
<section title="Registration of Type field values for MCPTT">
<t> This document defines two new Type field values to support MCPTT as described
in section <xref target="type"/>.
The following changes have been made to
the Type field in the General Extensions Payload registry of the MIKEY Payload Name Spaces:
</t>
<figure>
<artwork><![CDATA[
Value    Type                         Reference
------   ---------------------------  --------------
TBD1     SAKKE-to-self                [RFCxxxx]
TBD2     GMK associated parameters    [RFCxxxx]
]]></artwork>
</figure>
<t>Note to RFC Editor: Please replace RFC XXXX with the RFC number of
this specification.</t>
</section>
<section title="Registration of ID Role values for MCPTT">
<t> This document defines two new ID Role values to support MCPTT, indicating the generator of the UID as described
in section <xref target="IDrole"/>.
The following changes have been made to
the ID Role registry of the MIKEY Payload Name Spaces:
</t>
<figure>
<artwork><![CDATA[
Value    ID Role                      Reference
------   ---------------------------  --------------
TBD3     MCPTT user/group (IDRuidr)   [RFCxxxx]
TBD4     GMS URI (IDRuidi)            [RFCxxxx]
]]></artwork>
</figure>
<t>Note to RFC Editor: Please replace RFC XXXX with the RFC number of
this specification.</t>
</section>
<section title="Registration of ID Scheme values for MCPTT">
<t> This document defines two new ID Scheme values to support MCPTT, indicating the scheme of the SAKKE Payload, as described
in section <xref target="IDscheme"/>.
The following changes have been made to
the ID Scheme registry of the MIKEY Payload Name Spaces:
</t>
<figure>
<artwork><![CDATA[
Value    ID Scheme                    Reference
------   ---------------------------  --------------
TBD5     MCPTT ID scheme              [RFCxxxx]
TBD6     MCPTT SAKKE-to-self          [RFCxxxx]
]]></artwork>
</figure>
<t>Note to RFC Editor: Please replace RFC XXXX with the RFC number of
this specification.</t>
</section>
</section>
<section title="Security Considerations">
<t> <xref target="TS33179">3GPP TS 33.179</xref> defines the Group Services
and System Aspects for the Security of Mission Critical Push-To-Talk (MCPTT). This document introduces no new security
considerations beyond those defined in <xref target="RFC6509">RFC 6509</xref>.</t>
</section>
<section title="Acknowledgements">
<t> Ivo Sedlacek provided input and feedback on the details around the definition of the new values for these fields.</t>
</section>
</middle>
<back>
<references title="Normative References">
&RFC3830;
&RFC6043;
&RFC6509;
</references>
<references title="Informative References">
<reference anchor="TS33179">
<front>
<title>Security of Mission Critical Push-To-Talk (MCPTT)</title>
<author>
<organization>3GPP TS 33.179</organization>
</author>
<date month="March" year="2016"/>
</front>
</reference>
<reference anchor="TS24381">
<front>
<title>Mission Critical Push-To-Talk (MCPTT) Group Management</title>
<author>
<organization>3GPP TS 24.381</organization>
</author>
<date month="March" year="2016"/>
</front>
</reference>
</references>
</back>
</rfc>