[Search] [pdf|bibtex] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02                                                      
IPSEC WG                                                   M. Richardson
Internet-Draft                                                       SSW
|Expires: July 1, 2004                                      January 2004


                     Initial IANA registry contents
                   draft-ietf-ipsec-ikev2-iana-02.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
|  Task Force (IETF), its areas, and its working groups. Note that other
|  groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

|  This Internet-Draft will expire on July 1, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2004). All Rights Reserved.

Abstract

   This is a non-standards track document that tells IANA how to
   populate the initial IKEv2 registries.














|Richardson               Expires July 1, 2004                  [Page 1]


Internet-Draft                 ikev2 iana                   January 2004


Table of Contents

   1.     Introduction . . . . . . . . . . . . . . . . . . . . . . .   4
   2.     List of Registries . . . . . . . . . . . . . . . . . . . .   5
   3.     IKEv2 Exchange Types . . . . . . . . . . . . . . . . . . .   6
   3.1    Amending formula for IKEv2 Exchange Types  . . . . . . . .   6
   4.     IKEv1 Payload Types  . . . . . . . . . . . . . . . . . . .   7
   5.     IKEv2 Payload Types  . . . . . . . . . . . . . . . . . . .   8
   5.1    Amending formula for IKEv2 Payload Types . . . . . . . . .   8
   6.     IKEv2 Transform Types  . . . . . . . . . . . . . . . . . .   9
   6.1    Amending formula for IKEv2 Transform Types . . . . . . . .   9
   6.2    IKEv2 Transform Attribute Types  . . . . . . . . . . . . .   9
   6.2.1  Amending formula for IKEv2 Transform Attribute Types . . .   9
   6.3    IKEv2 Encryption Transform IDs . . . . . . . . . . . . . .   9
   6.3.1  Amending formula for IKEv2 Encryption Transform IDs  . . .  10
   6.4    IKEv2 Pseudo-random Function Transform IDs . . . . . . . .  10
   6.4.1  Amending formula for IKEv2 Pseudo-random Function
          Transform IDs  . . . . . . . . . . . . . . . . . . . . . .  10
   6.5    IKEv2 Integrity Algorithm Transform IDs  . . . . . . . . .  10
|  6.5.1  Amending formula for IKEv2 Integrity Algorithm
|         Transform IDs  . . . . . . . . . . . . . . . . . . . . . .  11
   6.6    IKEv2 Diffie-Hellman, ECP and EC2N Transform IDs . . . . .  11
   6.6.1  Amending formula for IKEv2 Diffie-Hellman, ECP and EC2N
          Transform IDs  . . . . . . . . . . . . . . . . . . . . . .  11
   6.7    IKEv2 Extended Sequence Numbers Transform IDs  . . . . . .  11
   6.7.1  Amending formula for IKEv2 Extended Sequence Numbers
          Transform IDs  . . . . . . . . . . . . . . . . . . . . . .  12
   7.     IKEv2 Identification Payload ID Types  . . . . . . . . . .  13
|  7.1    Amending formula for IKEv2 Identification Payload ID
|         Types  . . . . . . . . . . . . . . . . . . . . . . . . . .  13
   8.     IKEv2 Certificate Encodings  . . . . . . . . . . . . . . .  14
   8.1    Amending formula for IKEv2 Certificate Encodings . . . . .  14
   9.     IKEv2 Authentication Method  . . . . . . . . . . . . . . .  15
   9.1    Amending formula for IKEv2 Authentication Method . . . . .  15
   10.    IKEv2 Notification Payload Types . . . . . . . . . . . . .  16
   10.1   Amending formula for IKEv2 Notification Payload Types  . .  17
   10.2   IKEv2 Notification IPCOMP Transform IDs  . . . . . . . . .  17
|  10.2.1 Amending formula for IKEv2 Notification IPCOMP
|         Transform IDs  . . . . . . . . . . . . . . . . . . . . . .  17
   11.    IKEv2 Security Protocol Identfiers . . . . . . . . . . . .  18
   11.1   Amending formula for IKEv2 Security Protocol Identifiers .  18
   12.    IKEv2 Traffic Selector Types . . . . . . . . . . . . . . .  19
   12.1   Amending formula for IKEv2 Traffic Selector Types  . . . .  19
   13.    IKEv2 Configuration Payload CFG Types  . . . . . . . . . .  20
|  13.1   Amending formula for IKEv2 Configuration Payload CFG
|         Types  . . . . . . . . . . . . . . . . . . . . . . . . . .  20
   14.    IKEv2 Configuration Payload Attribute Types  . . . . . . .  21
|  14.1   Amending formula for IKEv2 Configuration Payload



|Richardson               Expires July 1, 2004                  [Page 2]


Internet-Draft                 ikev2 iana                   January 2004


|         Attribute Types  . . . . . . . . . . . . . . . . . . . . .  21
|         Normative references . . . . . . . . . . . . . . . . . . .  22
          Author's Address . . . . . . . . . . . . . . . . . . . . .  22
|         Intellectual Property and Copyright Statements . . . . . .  23















































|Richardson               Expires July 1, 2004                  [Page 3]


Internet-Draft                 ikev2 iana                   January 2004


1. Introduction

|  The terms "IETF Consensus", "Specification Required", "First
|  Come-First Served" and "Expert Review" are used as defined in RFC2434
|  [1].














































|Richardson               Expires July 1, 2004                  [Page 4]


Internet-Draft                 ikev2 iana                   January 2004


2. List of Registries

   The following registries should be created.

   Note: when creating a new Transform Type, a new registry for it must
   be created.

      IKEv2 Exchange Types
      IKEv2 Payload Types
      IKEv2 Transform Types
          IKEv2 Transform Attribute Types
          IKEv2 Encryption Transform IDs
          IKEv2 Pseudo-ramdom Function Transform IDs
          IKEv2 Integrity Algorithm Transform IDs
          IKEv2 Diffie-Hellman, ECP and EC2N Transform IDs
          IKEv2 Extended Sequence Numbers Transform IDs
      IKEv2 Identification Payload ID Types
      IKEv2 Certification Encodings
      IKEv2 Authentication Method
      IKEv2 Notification Payload Types
          IKEv2 Notification IPCOMP Transform IDs
      IKEv2 Security Protocol Identfiers
      IKEv2 Traffic Selector Types
      IKEv2 Configuration Payload CFG Types
      IKEv2 Configuration Payload Attribute Types


























|Richardson               Expires July 1, 2004                  [Page 5]


Internet-Draft                 ikev2 iana                   January 2004


3. IKEv2 Exchange Types

   The exchange type occurs in the IKEv2 header.

             Exchange Type          VALUE
             ===============================
             RESERVED                 0-33  (IKEv1)
             IKE_SA_INIT              34
             IKE_AUTH                 35
             CREATE_CHILD_SA          36
             INFORMATIONAL            37
             Reserved for IKEv2+      38-239
             Reserved for private use 240-255


3.1 Amending formula for IKEv2 Exchange Types

   IKEv2 Exchange types may created by Standards Action.

































|Richardson               Expires July 1, 2004                  [Page 6]


Internet-Draft                 ikev2 iana                   January 2004


4. IKEv1 Payload Types

   Add

             RESERVED                                   33-63














































|Richardson               Expires July 1, 2004                  [Page 7]


Internet-Draft                 ikev2 iana                   January 2004


5. IKEv2 Payload Types


             NAME                          ACRONYM     VALUE
             ================================================
             No Next Payload                              0
             RESERVED                                   1-32
             Security Association             SA         33
             Key Exchange                     KE         34
             Identification - Initiator       IDi        35
             Identification - Responder       IDr        36
             Certificate                      CERT       37
             Certificate Request              CERTREQ    38
             Authentication                   AUTH       39
             Nonce                            Ni, Nr     40
             Notify                           N          41
             Delete                           D          42
             Vendor ID                        V          43
             Traffic Selector - Initiator     TSi        44
             Traffic Selector - Responder     TSr        45
             Encrypted                        E          46
             Configuration                    CP         47
             Extended Authentication          EAP        48
             RESERVED TO IANA                          49-127
             PRIVATE USE                              128-255


5.1 Amending formula for IKEv2 Payload Types

   IKEv2 Payload Types may be allocated by Specification Required.





















|Richardson               Expires July 1, 2004                  [Page 8]


Internet-Draft                 ikev2 iana                   January 2004


6. IKEv2 Transform Types


             Transform Type         NUMBER
             =====================  ======
             Encryption Algorithm      1
             Pseudo-random Function    2
             Integrity Algorithm       3
             Diffie-Hellman/ECC Group  4
             Extended Sequence Numbers 5
             RESERVED TO IANA          6-240
             PRIVATE USE               241-255


6.1 Amending formula for IKEv2 Transform Types

   IKEv2 Transform Types may be allocated by Specification Required.

6.2 IKEv2 Transform Attribute Types


            Attribute Type                 value        Attribute Format
            --------------------------------------------------------------
            RESERVED                           0-13
            Key Length (in bits)               14                 TV
            RESERVED                           15-17
            RESERVED TO IANA                   18-16383
            PRIVATE USE                        16384-32767


6.2.1 Amending formula for IKEv2 Transform Attribute Types

   IKEv2 Transform Attribute Types may be allocated by Specification
   Required.

6.3 IKEv2 Encryption Transform IDs

   For Transform Type 1 (Encryption Algorithm), defined Transform IDs
   are:

             Name                     Number           Defined In
             ======================   ======           ==========
             RESERVED                    0
             ENCR_DES_IV64               1              (RFC1827)
             ENCR_DES                    2              (RFC2405)
             ENCR_3DES                   3              (RFC2451)
             ENCR_RC5                    4              (RFC2451)
             ENCR_IDEA                   5              (RFC2451)



|Richardson               Expires July 1, 2004                  [Page 9]


Internet-Draft                 ikev2 iana                   January 2004


             ENCR_CAST                   6              (RFC2451)
             ENCR_BLOWFISH               7              (RFC2451)
             ENCR_3IDEA                  8              (RFC2451)
             ENCR_DES_IV32               9
             ENCR_RC4                   10
             ENCR_NULL                  11              (RFC2410)
             ENCR_AES_CBC               12
             ENCR_AES_CTR               13
             RESERVED TO IANA           14-1023
             PRIVATE USE                1024-65535


6.3.1 Amending formula for IKEv2 Encryption Transform IDs

|  IKEv2 Encryption Transform IDs may be allocated by expert review. The
|  initial expert reviewer is REVIEW.

6.4 IKEv2 Pseudo-random Function Transform IDs

   For Transform Type 2 (Pseudo-random Function), defined Transform IDs
   are:

             Name                     Number           Defined In
             ======================   ======           ==========
             RESERVED                    0
             PRF_HMAC_MD5                1                   (RFC2104)
             PRF_HMAC_SHA1               2                   (RFC2104)
             PRF_HMAC_TIGER              3                   (RFC2104)
             PRF_AES_CBC                 4
             RESERVED TO IANA           5-1023
             PRIVATE USE                1024-65535


6.4.1 Amending formula for IKEv2 Pseudo-random Function Transform IDs

   IKEv2 Pseudo-random Transform IDs may be allocated by expert review.
   The initial expert reviewer is REVIEW.

6.5 IKEv2 Integrity Algorithm Transform IDs

   For Transform Type 3 (Integrity Algorithm), defined Transform IDs
   are:

             Name                     Number           Defined In
             ======================   ======           ==========
             NONE                       0
             AUTH_HMAC_MD5_96           1                     (RFC2403)
             AUTH_HMAC_SHA1_96          2                     (RFC2404)



|Richardson               Expires July 1, 2004                 [Page 10]


Internet-Draft                 ikev2 iana                   January 2004


             AUTH_DES_MAC               3
             AUTH_KPDK_MD5              4                     (RFC1826)
|            AUTH_AES_PRF_96            5                     (RFC3664)
             RESERVED TO IANA           6-1023
             PRIVATE USE                1024-65535


6.5.1 Amending formula for IKEv2 Integrity Algorithm Transform IDs

   IKEv2 Integrity Algorithm Transform IDs may be allocated by expert
   review. The initial expert reviewer is REVIEW.

6.6 IKEv2 Diffie-Hellman, ECP and EC2N Transform IDs

   For Transform Type 4 (Diffie-Hellman, ECP and EC2N Group), defined
   Transform IDs are: (see also [2])

             Name                     Number           Defined In
             ======================   ======           ==========
             NONE                       0
              768-bit MODP group        1             (IKEv2 B.1)
             1024-bit MODP group        2             (IKEv2 B.2)
             155-bit EC2N               3             (IKEv2 B.3)
             185-bit EC2n               4             (IKEv2 B.4)
             1536-bit MODP group        5             (RFC3526. sec.2)
             RESERVED TO IANA           6-13
             2048-bit MODP group        14            (RFC3526. sec 3)
             3072-bit MODP group        15            (RFC3526. sec 4)
             4096-bit MODP group        16            (RFC3526. sec 5)
             6144-bit MODP group        17            (RFC3526. sec 6)
             8192-bit MODP group        18            (RFC3526. sec 7)
             RESERVED TO IANA           19-1023
             PRIVATE USE                1024-65535


6.6.1 Amending formula for IKEv2 Diffie-Hellman, ECP and EC2N Transform
      IDs

   IKEv2 Diffie-Hellman, ECP and EC2N Transform IDs may be allocated by
   Specification Required.

6.7 IKEv2 Extended Sequence Numbers Transform IDs

   For Transform Type 5 (Extended Sequence Numbers), defined Transform
   IDs are:

             Name                     Number           Defined In
             ======================   ======           ==========



|Richardson               Expires July 1, 2004                 [Page 11]


Internet-Draft                 ikev2 iana                   January 2004


             No Extended Sequence Numbers       0     (IKEv2)
             Extended Sequence Numbers          1
|            RESERVED                           2-65535


6.7.1 Amending formula for IKEv2 Extended Sequence Numbers Transform IDs

   IKEv2 Extended Sequence Numbers Transform IDs may be allocated by
|  IETF Consensus.










































|Richardson               Expires July 1, 2004                 [Page 12]


Internet-Draft                 ikev2 iana                   January 2004


7. IKEv2 Identification Payload ID Types


         Name                            Number      Defined In
         ==========================      ======      ==========
         RESERVED                            0    (IKEv2. section 3.5)
         ID_IPV4_ADDR                        1    (IKEv2. section 3.5)
         ID_FQDN                             2    (IKEv2. section 3.5)
         ID_RFC822_ADDR                      3    (IKEv2. section 3.5)
         RESERVED                            4    (IKEv2. section 3.5)
         ID_IPV6_ADDR                        5    (IKEv2. section 3.5)
         RESERVED                            6    (IKEv2. section 3.5)
         RESERVED                            7    (IKEv2. section 3.5)
         RESERVED                            8    (IKEv2. section 3.5)
         ID_DER_ASN1_DN                      9    (IKEv2. section 3.5)
         ID_DER_ASN1_GN                      10    (IKEv2. section 3.5)
         ID_KEY_ID                           11    (IKEv2. section 3.5)
|        RESERVED TO IANA                    12-200
|        Private use                         201-255


7.1 Amending formula for IKEv2 Identification Payload ID Types

   IKEv2 Identification Payload ID Types may be allocated by
   Specification Required.


























|Richardson               Expires July 1, 2004                 [Page 13]


Internet-Draft                 ikev2 iana                   January 2004


8. IKEv2 Certificate Encodings


         Name                            Number      Defined In
         ==========================      ======      ==========
         RESERVED                             0   (IKEv2. section 3.6)
         PKCS #7 wrapped X.509 certificate    1   (IKEv2. section 3.6)
         PGP Certificate                      2   (IKEv2. section 3.6)
         DNS Signed Key                       3   (IKEv2. section 3.6)
         X.509 Certificate - Signature        4   (IKEv2. section 3.6)
         Kerberos Token                       6   (IKEv2. section 3.6)
         Certificate Revocation List (CRL)    7   (IKEv2. section 3.6)
         Authority Revocation List (ARL)      8   (IKEv2. section 3.6)
         SPKI Certificate                     9   (IKEv2. section 3.6)
         X.509 Certificate - Attribute       10   (IKEv2. section 3.6)
         Raw RSA Key                         11   (IKEv2. section 3.6)
         Hash and URL of PKIX certificate    12   (IKEv2. section 3.6)
         Hash and URL of PKIX bundle         13   (IKEv2. section 3.6)
         RESERVED TO IANA                    14 - 200
         PRIVATE USE                         201 - 255


8.1 Amending formula for IKEv2 Certificate Encodings

   IKEv2 Certificate Encodings may be allocated by Specification
   Required.

























|Richardson               Expires July 1, 2004                 [Page 14]


Internet-Draft                 ikev2 iana                   January 2004


9. IKEv2 Authentication Method

   The authentication method occurs in the Authentication Payload in
   IKEv2 section 3.8.

         Name                               Number      Defined In
         ==========================         ======      ==========
         RESERVED                                0    (IKEv2)
         RSA Digital Signature                   1    (IKEv2 section 2.15)
         Shared Key Message Integrity Code       2    (IKEv2 section 2.15)
         DSS Digital Signature                   3    (IKEv2 section 2.15)
         RESERVED TO IANA                        4-200
         PRIVATE USE                             201-255


9.1 Amending formula for IKEv2 Authentication Method

   IKEv2 Authentication Method may be allocated by Specification
   Required.
































|Richardson               Expires July 1, 2004                 [Page 15]


Internet-Draft                 ikev2 iana                   January 2004


10. IKEv2 Notification Payload Types

   The authentication method occurs in the Notification Payload in IKEv2
|  section 3.10.1. Errors types are 0-16383. Status types are
|  16384-65535.

           Name                               Number      Defined In
           ==========================         ======      ==========
   Error Types
           RESERVED                                  0
           UNSUPPORTED_CRITICAL_PAYLOAD              1  (IKEv2 section 3.10.1)
           RESERVED                                  2,3
           INVALID_IKE_SPI                           4  (IKEv2 section 3.10.1)
           INVALID_MAJOR_VERSION                     5  (IKEv2 section 3.10.1)
           RESERVED                                  6
           INVALID_SYNTAX                            7  (IKEv2 section 3.10.1)
           RESERVED                                  8
           INVALID_MESSAGE_ID                        9  (IKEv2 section 3.10.1)
           RESERVED                                 10
           INVALID_SPI                              11  (IKEv2 section 3.10.1)
           RESERVED                                 12,13
           NO_PROPOSAL_CHOSEN                       14  (IKEv2 section 3.10.1)
           RESERVED                                 15,16
           INVALID_KE_PAYLOAD                       17  (IKEv2 section 3.10.1)
           RESERVED                                 18-23
           AUTHENTICATION_FAILED                    24  (IKEv2 section 3.10.1)
           RESERVED                                 25-33
           SINGLE_PAIR_REQUIRED                     34  (IKEv2 section 3.10.1)
           NO_ADDITIONAL_SAS                        35  (IKEv2 section 3.10.1)
           INTERNAL_ADDRESS_FAILURE                 36  (IKEv2 section 3.10.1)
           FAILED_CP_REQUIRED                       37  (IKEv2 section 3.10.1)
           TS_UNACCEPTABLE                          38  (IKEv2 section 3.10.1)
           RESERVED TO IANA - Error types         39 - 8191
           Private Use - Errors                8192 - 16383

   Status Types
           INITIAL_CONTACT                          16384  (IKEv2 section 3.10.1)
           SET_WINDOW_SIZE                          16385  (IKEv2 section 3.10.1)
           ADDITIONAL_TS_POSSIBLE                   16386  (IKEv2 section 3.10.1)
           IPCOMP_SUPPORTED                         16387  (IKEv2 section 3.10.1)
           NAT_DETECTION_SOURCE_IP                  16388  (IKEv2 section 3.10.1)
           NAT_DETECTION_DESTINATION_IP             16389  (IKEv2 section 3.10.1)
           COOKIE                                   16390  (IKEv2 section 3.10.1)
           USE_TRANSPORT_MODE                       16391  (IKEv2 section 3.10.1)
           HTTP_CERT_LOOKUP_SUPPORTED               16392  (IKEv2 section 3.10.1)
           REKEY_SA                                 16393  (IKEv2 section 3.10.1)
           RESERVED TO IANA - STATUS TYPES      16394 - 40959
           Private Use - STATUS TYPES           40960 - 65535



|Richardson               Expires July 1, 2004                 [Page 16]


Internet-Draft                 ikev2 iana                   January 2004


10.1 Amending formula for IKEv2 Notification Payload Types

   IKEv2 Notification Payload Types may be allocated by First Come-First
   Served.

10.2 IKEv2 Notification IPCOMP Transform IDs

   The IPCOMP notification type occurs in a Notification Payload of type
   IPCOMP_SUPPORTED (16387). The transform IDs currently defined are:


                    NAME         NUMBER  DEFINED IN
                    -----------  ------  -----------
                    RESERVED       0
                    IPCOMP_OUI     1
                    IPCOMP_DEFLATE 2     RFC 2394
                    IPCOMP_LZS     3     RFC 2395
                    IPCOMP_LZJH    4     RFC 3051
                    RESERVED TO IANA 5-240
                    PRIVATE USE      241-255


10.2.1 Amending formula for IKEv2 Notification IPCOMP Transform IDs

   IKEv2 Notification IPCOMP Transform IDs may be allocated by expert
   review. The initial expert reviewer is REVIEW.

























|Richardson               Expires July 1, 2004                 [Page 17]


Internet-Draft                 ikev2 iana                   January 2004


11. IKEv2 Security Protocol Identfiers

   The security protocol ID occurs in the Notify and Delete Payload, in
   IKEv2 section 3.10 and 3.11.

         Name                               Number      Defined In
         ==========================         ======      ==========
         RESERVED                                0    (IKEv2)
         IKE_SA                                  1    (IKEv2 section 3.11)
         AH - authentication header              2    (IKEv2 section 3.11)
         ESP - encapsulated security payload     3    (IKEv2 section 3.11)
         RESERVED TO IANA                        4-200
         PRIVATE USE                             201-255


11.1 Amending formula for IKEv2 Security Protocol Identifiers

   IKEv2 Security Protocol Identifiers may be allocated by Standards
   Action.
































|Richardson               Expires July 1, 2004                 [Page 18]


Internet-Draft                 ikev2 iana                   January 2004


12. IKEv2 Traffic Selector Types

   The traffic selector type Traffic Selector Payloads, defined in IKEv2
   section 3.13.

         Name                               Number      Defined In
         ==========================         ======      ==========
         RESERVED                           0-6
         TS_IPV4_ADDR_RANGE                  7       (IKEv2 section 3.13.1)
         TS_IPV6_ADDR_RANGE                  8       (IKEv2 section 3.13.1)
|        RESERVED TO IANA                    9-240
|        Private use                         241-255


12.1 Amending formula for IKEv2 Traffic Selector Types

   IKEv2 Traffic Selector Types may be allocated by Specification
   Required.

































|Richardson               Expires July 1, 2004                 [Page 19]


Internet-Draft                 ikev2 iana                   January 2004


13. IKEv2 Configuration Payload CFG Types

   The CFG type occurs in the Configuration Payload, defined in IKEv2
   section 3.15.

                CFG Type       Value
                ===========    =====
                RESERVED         0
                CFG_REQUEST      1
                CFG_REPLY        2
                CFG_SET          3
                CFG_ACK          4
                RESERVED TO IANA 5-127
                PRIVATE USE      128-255


13.1 Amending formula for IKEv2 Configuration Payload CFG Types

   IKEv2 Configuration Payload CFG Types may be allocated by
   Specification Required.































|Richardson               Expires July 1, 2004                 [Page 20]


Internet-Draft                 ikev2 iana                   January 2004


14. IKEv2 Configuration Payload Attribute Types

   The CFG attribute type occurs in the Configuration Payload, defined
   in IKEv2 section 3.15. Note this is a 15 bit field.

                                         Multi-
           Attribute Type          Value Valued Length
           ======================= ===== ====== ==================
            RESERVED                 0
            INTERNAL_IP4_ADDRESS     1    YES*  0 or 4 octets
            INTERNAL_IP4_NETMASK     2    NO    0 or 4 octets
            INTERNAL_IP4_DNS         3    YES   0 or 4 octets
            INTERNAL_IP4_NBNS        4    YES   0 or 4 octets
            INTERNAL_ADDRESS_EXPIRY  5    NO    0 or 4 octets
            INTERNAL_IP4_DHCP        6    YES   0 or 4 octets
            APPLICATION_VERSION      7    NO    0 or more
            INTERNAL_IP6_ADDRESS     8    YES*  0 or 16 octets
            INTERNAL_IP6_NETMASK     9    NO    0 or 16 octets
            INTERNAL_IP6_DNS        10    YES   0 or 16 octets
            INTERNAL_IP6_NBNS       11    YES   0 or 16 octets
            INTERNAL_IP6_DHCP       12    YES   0 or 16 octets
            INTERNAL_IP4_SUBNET     13    NO    0 or 8 octets
            SUPPORTED_ATTRIBUTES    14    NO    Multiple of 2
            INTERNAL_IP6_SUBNET     15    NO    17 octets
            RESERVED TO IANA        16-16383
            PRIVATE USE             16384-32767

         * These attributes may be multi-valued on return only if
           multiple values were requested.


14.1 Amending formula for IKEv2 Configuration Payload Attribute Types

   IKEv2 Configuration Payload Attribute Types may be allocated by
   Specification Required.
















|Richardson               Expires July 1, 2004                 [Page 21]


Internet-Draft                 ikev2 iana                   January 2004


Normative references

   [1]  Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
        Considerations Section in RFCs", BCP 26, RFC 2434, October 1998.

   [2]  Kivinen, T. and M. Kojo, "More Modular Exponential (MODP)
        Diffie-Hellman groups for Internet Key Exchange (IKE)", RFC
        3526, May 2003.


Author's Address

   Michael C. Richardson
   Sandelman Software Works
   470 Dawson Avenue
   Ottawa, ON  K1Z 5V7
   CA

   EMail: mcr@sandelman.ottawa.on.ca
   URI:   http://www.sandelman.ottawa.on.ca/































|Richardson               Expires July 1, 2004                 [Page 22]


Internet-Draft                 ikev2 iana                   January 2004


|Intellectual Property Statement

|  The IETF takes no position regarding the validity or scope of any
|  intellectual property or other rights that might be claimed to
|  pertain to the implementation or use of the technology described in
|  this document or the extent to which any license under such rights
|  might or might not be available; neither does it represent that it
|  has made any effort to identify any such rights. Information on the
|  IETF's procedures with respect to rights in standards-track and
|  standards-related documentation can be found in BCP-11. Copies of
|  claims of rights made available for publication and any assurances of
|  licenses to be made available, or the result of an attempt made to
|  obtain a general license or permission for the use of such
|  proprietary rights by implementors or users of this specification can
|  be obtained from the IETF Secretariat.

|  The IETF invites any interested party to bring to its attention any
|  copyrights, patents or patent applications, or other proprietary
|  rights which may cover technology that may be required to practice
|  this standard. Please address the information to the IETF Executive
|  Director.


Full Copyright Statement

   Copyright (C) The Internet Society (2004). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
|  revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION



|Richardson               Expires July 1, 2004                 [Page 23]


|Internet-Draft                ikev2 iana                   January 2004


   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


|Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.











































|Richardson               Expires July 1, 2004                 [Page 24]