Multiple Authentication Exchanges in the Internet Key Exchange (IKEv2) Protocol
RFC 4739

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>
Subject: Document Action: 'Multiple Authentication Exchanges in 
         IKEv2' to Experimental RFC 

The IESG has approved the following document:

- 'Multiple Authentication Exchanges in IKEv2 '
   <draft-eronen-ipsec-ikev2-multiple-auth-03.txt> as an Experimental RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Russ Housley.

A URL of this Internet-Draft is:

Technical Summary

  IKEv2 supports several mechanisms for authenticating the parties,
  including signatures with public-key certificates, shared secrets, and
  Extensible Authentication Protocol (EAP) methods.  Currently, each
  endpoint uses only one of these mechanisms to authenticate itself.
  This document specifies an extension to IKEv2 that allows the use of
  multiple authentication exchanges, either using different mechanisms
  or the same mechanism.

Working Group Summary

  This document is an individual contribution.  However, there was some
  discussion on the IPsec mail list (from the now closed IPsec WG).

  The document has been stable for some time.  It is also a 3GPP
  dependency for their "WLAN Interworking - Private Network access from
  WLAN 3GPP IP Access" work item.

Protocol Quality

  This document was reviewed by Russ Housley for the IESG.