RFC 8247

Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2), September 2017

File formats:
icon for text file icon for PDF icon for HTML
Status:
PROPOSED STANDARD
Obsoletes:
RFC 4307
Updates:
RFC 7296
Updated by:
RFC 9395
Authors:
Y. Nir
T. Kivinen
P. Wouters
D. Migault
Stream:
IETF
Source:
ipsecme (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC8247

Discuss this RFC: Send questions or comments to the mailing list ipsec@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 8247


Abstract

The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE) protocol is used to negotiate the IPsec Security Association (IPsec SA) parameters, such as which algorithms should be used. To ensure interoperability between different implementations, it is necessary to specify a set of algorithm implementation requirements and usage guidance to ensure that there is at least one algorithm that all implementations support. This document updates RFC 7296 and obsoletes RFC 4307 in defining the current algorithm implementation requirements and usage guidance for IKEv2, and does minor cleaning up of the IKEv2 IANA registry. This document does not update the algorithms used for packet encryption using IPsec Encapsulating Security Payload (ESP).


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search