Host Identifier Revocation in HIP

Document Type Expired Internet-Draft (hiprg RG)
Authors Dacheng Zhang  , Dmitriy Kuptsov  , Sean Shen 
Last updated 2012-09-10 (latest revision 2012-03-09)
Stream Internet Research Task Force (IRTF)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream IRTF state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document mainly analyzes the key revocation issue with host identifiers (HIs) in the Host Identity Protocol (HIP). Generally, key revocation is an important functionality of key management systems; it is concerned with the issues of removing cryptographic keys from operational use when they are not secure or not secure enough any more. This functionality is particularly important for the security systems expected to execute for long periods. This document also attempts to investigate several issues that a designer of HI revocation mechanisms need to carefully consider.


Dacheng Zhang (
Dmitriy Kuptsov (
Sean Shen (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)