RFC 7401
Host Identity Protocol Version 2 (HIPv2), April 2015
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoletes:
- RFC 5201
- Updated by:
- RFC 8002, RFC 9374
- Authors:
- R. Moskowitz, Ed.
T. Heer
P. Jokela
T. Henderson - Stream:
- IETF
- Source:
- hip (int)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC7401
Discuss this RFC: Send questions or comments to the mailing list hipsec@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 7401
Abstract
This document specifies the details of the Host Identity Protocol (HIP). HIP allows consenting hosts to securely establish and maintain shared IP-layer state, allowing separation of the identifier and locator roles of IP addresses, thereby enabling continuity of communications across IP address changes. HIP is based on a Diffie-Hellman key exchange, using public key identifiers from a new Host Identity namespace for mutual peer authentication. The protocol is designed to be resistant to denial-of-service (DoS) and man-in-the-middle (MitM) attacks. When used together with another suitable security protocol, such as the Encapsulating Security Payload (ESP), it provides integrity protection and optional encryption for upper-layer protocols, such as TCP and UDP.
This document obsoletes RFC 5201 and addresses the concerns raised by the IESG, particularly that of crypto agility. It also incorporates lessons learned from the implementations of RFC 5201.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.