Bootstrapping Timed Efficient Stream Loss-Tolerant Authentication (TESLA)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, msec mailing list <firstname.lastname@example.org>, msec chair <email@example.com> Subject: Protocol Action: 'Bootstrapping TESLA' to Proposed Standard The IESG has approved the following document: - 'Bootstrapping TESLA ' <draft-ietf-msec-bootstrapping-tesla-04.txt> as a Proposed Standard This document is the product of the Multicast Security Working Group. The IESG contact persons are Russ Housley and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-msec-bootstrapping-tesla-04.txt
Technical Summary The TESLA source authentication protocol needs bootstrapping either via a key management protocol or in-band with a data encapsulation protocol. The "Bootstrapping TESLA" specification describes how to do this via the MIKEY protocol. The specification includes payloads and parameters required for TESLA initialization between the "source" and each receiver individually. Working Group Summary The WG considered whether to include this as part of the SRTP-TESLA specification and decided against it (rough consensus). The protocol itself is fairly straightforward. However, it is an important contribution and other documents describing TESLA bootstrapping in the context of other protocols (e.g., GKDP) might be developed in the future. Protocol Quality There are several MIKEY implementations and a TESLA implementation; however, SRTP-TESLA and MIKEY-TESLA extensions have not yet been implemented (to our knowledge). This document was reviewed by Russ Housley for the IESG.