Minimal IKEv2

The information below is for an old version of the document
Document Type Expired Internet-Draft (lwig WG)
Last updated 2014-04-20 (latest revision 2013-10-17)
Stream IETF
Intended RFC status (None)
Expired & archived
plain text pdf html
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes minimal version of the Internet Key Exchange version 2 (IKEv2) protocol. IKEv2 is a component of IPsec used for performing mutual authentication and establishing and maintaining Security Associations (SAs). IKEv2 includes several optional features, which are not needed in minimal implementations. This document describes what is required from the minimal implementation, and also describes various optimizations which can be done. The protocol described here is compliant with full IKEv2 with exception that this document describes mainly shared secret authentication (IKEv2 requires support for certificate authentication in addition to shared secret authentication). This document does not update or modify RFC 5996, but provides more compact description of the minimal version of the protocol. If this document and RFC 5996 conflicts then RFC 5996 is the authoritative description.


(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)