Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol
RFC 5282

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Using Authenticated Encryption 
         Algorithms with the Encrypted Payload of the Internet Key 
         Exchange version 2 (IKEv2) Protocol' to Proposed Standard 

The IESG has approved the following document:

- 'Using Authenticated Encryption Algorithms with the Encrypted Payload
   of the Internet Key Exchange version 2 (IKEv2) Protocol'
   <draft-black-ipsec-ikev2-aead-modes-02.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-black-ipsec-ikev2-aead-modes-02.txt

Technical Summary

   An authenticated encryption algorithm combines encryption and 
   integrity into a single operation; such algorithms may also be 
   referred to as combined modes of an encryption cipher or as combined 
   mode algorithms.  This document describes the use of authenticated 
   encryption algorithms with the Encrypted Payload of the Internet Key 
   Exchange version 2 (IKEv2) protocol. 

   The use of two specific authenticated encryption algorithms with the 
   IKEv2 Encrypted Payload is also described; these two algorithms are 
   the Advanced Encryption Standard (AES) in Galois/Counter Mode (AES 
   GCM) and AES in Counter with CBC-MAC Mode (AES CCM).  Additional 
   documents may describe the use of other authenticated encryption 
   algorithms with the IKEv2 Encrypted Payload. 

Working Group Summary

   This document is an individual submission.  A pseudo working group
   Last Call was conducted on the ipsec@ietf.org mailing list by the
   Responsible Area Director (Tim Polk).  No issues resulted from this
   pseudo WG Last Call.  

Document Quality

   Versions of this document have been reviewed by Charlie Kaufman,
   Pasi Eronen, Tero Kivinen, Steve Kent and Alfred Hoenes in addition
   to the authors.

Personnel

   The Document Shepherd is David L. Black.  Tim Polk is the 
   Responsible Area Director.

RFC Editor Note

Please make the following changes, (a) through (e):

(a) last sentence of the third paragraph of Section 1:

OLD:
The current version of ESP is version 2, ESPv2
   [RFC4303].

NEW:
The current version of ESP is version 3, ESPv3
   [RFC4303].

(b) First line of the second paragraph of Section 7.1:

OLD:
   IKEv2 makes the use of ...
               ^^^
NEW:
   IKEv2 makes use of ...

(c) First sentence of Section 7.2:

OLD:
   This section is unique to IKEv2 Encrypted Payload usage of AES GCM

NEW:
   This section is unique to the IKEv2 Encrypted Payload usage of AES
                             ^^^

(d) Section 10.1, 2nd line

Insert the missing space:
     s/AEAD_*algorithms/AEAD_* algorithms/

(e)  Section 10.2.1

OLD:
   The AEAD_AES_128_CCM_SHORT ciphertext is formed by appending the
   authentication tag provided as an output to the CCM encryption
                                            ^^
NEW:
   The AEAD_AES_128_CCM_SHORT ciphertext is formed by appending the
   authentication tag provided as an output of the CCM encryption
                                            ^^

In addition, it has been suggested that the "Conventions used in
this document" material that comes after the Abstract should be
moved to the end of Section 1 and become Section 1.1.  Whether
to do this is left to the RFC Editor's (wise) discretion.