Group Domain of Interpretation (GDOI) Payloads
- Created
- 2003-03-28
- Last Updated
- 2017-12-26
- Note
-
In all cases, new assigned numbers and values must be added due to a
Standards Action as defined in [RFC2434].
- Available Formats
-
XML
HTML
Plain text
Registries Included Below
GDOI ID Payload Type Values
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Note
-
When an ISAKMP identification payload is used with GDOI, the assigned
values for the Identification Type field are interpreted according to
this registry.
The GDOI ID Payload Type is an 8-bit value that is used as a
discriminator for interpretation of the variable-length Identification
Payload. The following table describes ID Payload Types.
- Available Formats
-
CSV
| Value |
ID Type |
Reference |
| 0-10 |
Reserved |
[RFC3547] |
| 11 |
ID_KEY_ID |
[RFC3547] |
| 12 |
Reserved |
[RFC3547] |
| 13-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
SA KEK Payload Values
SA KEK Payload Values - POP Algorithm
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Note
-
The POP algorithm is a 16-bit value that is used to describe the
encryption algorithm of the POP payload.
- Available Formats
-
CSV
| Value |
Algorithm Type |
Reference |
| 0 |
Reserved |
[RFC3547] |
| 1 |
POP_ALG_RSA |
[RFC3547] |
| 2 |
POP_ALG_DSS |
[RFC3547] |
| 3 |
POP_ALG_ECDSS |
[RFC3547] |
| 4-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
| 256-32767 |
Unassigned |
|
SA KEK Payload Values - KEK Attributes
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Note
-
The KEK Attribute consists of a 16-bit type and its associated value.
KEK attributes are used to pass policy from a GCKS to a group member.
- Available Formats
-
CSV
| Value |
ID Class |
Type |
Reference |
| 0 |
Reserved |
|
|
| 1 |
KEK_MANAGEMENT_ALGORITHM |
B |
[RFC3547] |
| 2 |
KEK_ALGORITHM |
B |
[RFC3547] |
| 3 |
KEK_KEY_LENGTH |
B |
[RFC3547] |
| 4 |
KEK_KEY_LIFETIME |
V |
[RFC3547] |
| 5 |
SIG_HASH_ALGORITHM |
B |
[RFC3547] |
| 6 |
SIG_ALGORITHM |
B |
[RFC3547] |
| 7 |
SIG_KEY_LENGTH |
B |
[RFC3547] |
| 8 |
KE_OAKLEY_GROUP |
B |
[RFC3547] |
| 9 |
KEK_ACK_REQUESTED |
B |
[RFC8263] |
| 10-127 |
Unassigned |
|
|
| 128-255 |
Private Use |
|
[RFC6407] |
| 256-32767 |
Unassigned |
|
|
SA KEK Payload Values - KEK_MANAGEMENT_ALGORITHM
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Available Formats
-
CSV
| Value |
KEK Management Type |
Reference |
| 0 |
Reserved |
[RFC3547] |
| 1 |
LKH |
[RFC3547] |
| 2-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
| 256-65535 |
Unassigned |
|
SA KEK Payload Values - KEK_ALGORITHM
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Available Formats
-
CSV
| Value |
Algorithm Type |
Reference |
| 0 |
RESERVED |
[RFC3547] |
| 1 |
KEK_ALG_DES |
[RFC3547] |
| 2 |
KEK_ALG_3DES |
[RFC3547] |
| 3 |
KEK_ALG_AES |
[RFC3547] |
| 4-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
| 256-65535 |
Unassigned |
|
SA KEK Payload Values - KEK_KEY_LENGTH
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Note
-
The KEK_KEY_LENGTH class specifies the KEK Algorithm key
length (in bits).
| Value |
Type |
Reference |
| No registrations at this time. |
SA KEK Payload Values - KEK_KEY_LIFETIME
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
| Value |
Type |
Reference |
| No registrations at this time. |
SA KEK Payload Values - SIG_HASH_ALGORITHM
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Available Formats
-
CSV
| Value |
Algorithm Type |
Reference |
| 0 |
Reserved |
[RFC3547] |
| 1 |
SIG_HASH_MD5 |
[RFC3547] |
| 2 |
SIG_HASH_SHA1 |
[RFC3547] |
| 3 |
SIG_HASH_SHA256 |
[RFC6407] |
| 4 |
SIG_HASH_SHA384 |
[RFC6407] |
| 5 |
SIG_HASH_SHA512 |
[RFC6407] |
| 6-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
| 256-65535 |
Unassigned |
|
SA KEK Payload Values - SIG_ALGORITHM
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Available Formats
-
CSV
| Value |
Algorithm Type |
Reference |
| 0 |
Reserved |
[RFC3547] |
| 1 |
SIG_ALG_RSA |
[RFC3547] |
| 2 |
SIG_ALG_DSS |
[RFC3547] |
| 3 |
SIG_ALG_ECDSS |
[RFC3547] |
| 4 |
SIG_ALG_ECDSA-256 |
[RFC6407] |
| 5 |
SIG_ALG_ECDSA-384 |
[RFC6407] |
| 6 |
SIG_ALG_ECDSA-521 |
[RFC6407] |
| 7-127 |
Unassigned |
|
| 128-255 |
Private Use |
[RFC3547] |
| 256-65535 |
Unassigned |
|
SA KEK Payload Values - SIG_KEY_LENGTH
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Note
-
The SIG_KEY_LENGTH class specifies the length of the SIG payload key.
| Value |
Type |
Reference |
| No registrations at this time. |
SA KEK Payload Values - KE_OAKLEY_GROUP
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
| Value |
Type |
Reference |
| No registrations at this time. |
SA KEK Payload Values - KEK_ACK_REQUESTED
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Brian Weis
- Reference
- [RFC8263]
- Available Formats
-
CSV
| Value |
Type |
Reference |
| 0 |
Reserved |
[RFC8263] |
| 1 |
REKEY_ACK_KEK_SHA256 |
[RFC8263] |
| 2 |
REKEY_ACK_LKH_SHA256 |
[RFC8263] |
| 3 |
REKEY_ACK_KEK_SHA512 |
[RFC8263] |
| 4 |
REKEY_ACK_LKH_SHA512 |
[RFC8263] |
| 5-128 |
Unassigned |
|
| 129-255 |
Private Use |
|
SA TEK Payload Values
SA TEK Payload Values - Protocol-ID
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Note
-
The SA_TEK protocol-ID is an 8-bit value that is used to describe the
type of TEK is included in the SA_TEK payload. The following table
defines values for the Security Protocol
- Available Formats
-
CSV
Key Download Type Values
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Note
-
The Key Download Type is an 8-bit value that is used as a discriminator
for interpretation of the variable-length Key Packet.
- Available Formats
-
CSV
TEK Download Type
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Available Formats
-
CSV
| Value |
TEK Class |
Type |
Reference |
| 0 |
RESERVED |
|
[RFC3547] |
| 1 |
TEK_ALGORITHM_KEY |
V |
[RFC3547] |
| 2 |
TEK_INTEGRITY_KEY |
V |
[RFC3547] |
| 3 |
TEK_SOURCE_AUTH_KEY |
V |
[RFC3547] |
| 4-127 |
Unassigned |
|
|
| 128-255 |
Private Use |
|
[RFC6407] |
| 256-32767 |
Unassigned |
|
|
KEK Download Type
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547][RFC6407]
- Note
-
The following attributes may be present in a KEK download Type. In the
table, attributes that are defined as TV are marked as Basic (B);
attributes which are defined as TLV are marked as Variable (V).
- Available Formats
-
CSV
| Value |
KEK Class |
Type |
Reference |
| 0 |
RESERVED |
|
[RFC3547] |
| 1 |
KEK_ALGORITHM_KEY |
V |
[RFC3547] |
| 2 |
SIG_ALGORITHM_KEY |
V |
[RFC3547] |
| 3-127 |
Unassigned |
|
|
| 128-255 |
Private Use |
|
[RFC6407] |
| 256-32767 |
Unassigned |
|
|
LKH Download Type
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC3547]
- Available Formats
-
CSV
| Value |
KEK Class |
Type |
Reference |
| 0 |
Reserved |
|
[RFC3547] |
| 1 |
LKH_DOWNLOAD_ARRAY |
V |
[RFC3547] |
| 2 |
LKH_UPDATE_ARRAY |
V |
[RFC3547] |
| 3 |
SIG_ALGORITHM_KEY |
V |
[RFC3547] |
| 4-127 |
Unassigned |
|
|
| 128-255 |
Private Use |
|
[RFC3547] |
| 256-32767 |
Unassigned |
|
|
SID Download Type
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC6407]
- Available Formats
-
CSV
| Value |
SID Class |
Type |
Reference |
| 0 |
RESERVED |
|
[RFC6407] |
| 1 |
NUMBER_OF_SID_BITS |
B |
[RFC6407] |
| 2 |
SID_VALUE |
V |
[RFC6407] |
| 3-128 |
Unassigned |
|
|
| 129-255 |
Private Use |
|
[RFC6407] |
| 256-32767 |
Unassigned |
|
|
GAP Payload Policy Attributes
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC6407]
- Available Formats
-
CSV
| Value |
Attribute Type |
Type |
Reference |
| 0 |
RESERVED |
|
[RFC6407] |
| 1 |
ACTIVATION_TIME_DELAY |
B |
[RFC6407] |
| 2 |
DEACTIVATION_TIME_DELAY |
B |
[RFC6407] |
| 3 |
SENDER_ID_REQUEST |
B |
[RFC6407] |
| 4-127 |
Unassigned |
|
|
| 128-255 |
Private Use |
|
[RFC6407] |
| 256-32767 |
Unassigned |
|
|
IEC 62351-9 Authentication Values
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Brian Weis, Tero Kivinen
- Reference
- [RFC8052]
- Available Formats
-
CSV
IEC 62351-9 Confidentiality Values
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Brian Weis, Tero Kivinen
- Reference
- [RFC8052]
- Available Formats
-
CSV
| Value |
Name |
Authenticated Encryption |
Reference |
| 0 |
Reserved |
|
[RFC8052] |
| 1 |
NONE |
|
[RFC8052] |
| 2 |
AES-CBC-128 |
N |
[RFC8052] |
| 3 |
AES-CBC-256 |
N |
[RFC8052] |
| 4 |
AES-GCM-128 |
Y |
[RFC8052] |
| 5 |
AES-GCM-256 |
Y |
[RFC8052] |
| 6-61439 |
Unassigned |
|
|
| 61440-65535 |
Reserved for Private Use |
|
[RFC8052] |
GDOI SA TEK Attributes
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Brian Weis, Tero Kivinen
- Reference
- [RFC8052]
- Available Formats
-
CSV
| Value |
Attribute |
Type |
Reference |
| 0 |
Reserved |
|
[RFC8052] |
| 1 |
SA_ATD |
V |
[RFC8052] |
| 2 |
SA_KDA |
B |
[RFC8052] |
| 3-28671 |
Unassigned |
|
|
| 28672-32767 |
Reserved for Private Use |
|
[RFC8052] |
ID Types
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Brian Weis, Tero Kivinen
- Reference
- [RFC8052]
- Available Formats
-
CSV
GDOI DOI Exchange Types
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Brian Weis
- Reference
- [RFC8263]
- Available Formats
-
CSV
| Value |
Phase |
Reference |
| GROUPKEY-PULL |
32 |
[RFC6407] |
| GROUPKEY-PUSH |
33 |
[RFC6407] |
| Known Unregistered Use |
34 |
|
| GROUPKEY-PUSH-ACK |
35 |
[RFC8263] |
| Unassigned |
36-239 |
|
