RFC 5386

Better-Than-Nothing Security: An Unauthenticated Mode of IPsec, November 2008

Canonical URL:
https://www.rfc-editor.org/rfc/rfc5386.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Authors:
N. Williams
M. Richardson
Stream:
IETF
Source:
btns (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC5386

Discuss this RFC: Send questions or comments to btns@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document specifies how to use the Internet Key Exchange (IKE) protocols, such as IKEv1 and IKEv2, to setup "unauthenticated" security associations (SAs) for use with the IPsec Encapsulating Security Payload (ESP) and the IPsec Authentication Header (AH). No changes to IKEv2 bits-on-the-wire are required, but Peer Authorization Database (PAD) and Security Policy Database (SPD) extensions are specified. Unauthenticated IPsec is herein referred to by its popular acronym, "BTNS" (Better-Than-Nothing Security). [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×