Guidelines for using IPsec and IKEv2
draft-dondeti-useipsec-430x-00

Document Type Expired Internet-Draft (individual)
Last updated 2006-10-19
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html
Stream Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-dondeti-useipsec-430x-00.txt

Abstract

IPsec encapsulation can be used to provide a secure channel between two entities, to enforce controlled access to a network, or to provide any combination of integrity protection, confidentiality, replay protection, and traffic flow confidentiality of data being transmitted between two or more endpoints over untrusted transmission media or networks. Whereas various assortments of the protections are possible to provide, it is not always safe to use some of the combinations. Next, IPsec SAs are established either manually or using a key management protocol such as IKEv2 with entity authentication verified locally or with the assistance of a third party. This document specifies when and how to use IPsec and IKEv2 and what combinations of protections afforded by those protocols are safe and when.

Authors

Lakshminath Dondeti (ldondeti@qualcomm.com)
Vidya Narayanan (vidyan@qualcomm.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)