Skip to main content

Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Yoav Nir , Tero Kivinen
Last updated 2015-10-09
Replaced by draft-ietf-ipsecme-rfc4307bis
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-ipsecme-rfc4307bis
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange protocol provides a mechanism to negotiate which algorithms should be used in any given association. However, to ensure interoperability between disparate implementations, it is necessary to specify a set of mandatory-to-implement algorithms to ensure that there is at least one algorithm that all implementations will have available. This document defines the current set of algorithms that are mandatory to implement as part of IKEv2, as well as algorithms that should be implemented because they may be promoted to mandatory at some future time.


Yoav Nir
Tero Kivinen

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)