Technical Summary
This document defines a redirect mechanism for IKEv2. The main use
case is scalability of large deployments of remote access VPN gateways.
The proposed mechanism can also be used in Mobile IPv6, where
signaling is protected by IKE/IPsec, to support the home agent in
redirecting the mobile node to another home agent.
Working Group Summary
The document represents the consensus opinion of the ipsecme WG.
Document Quality
We are not aware of any implementations, and no vendors have announced
implementation plans.
Personnel
Yaron Sheffer is the Document Shepherd for this document. Tim Polk
is the Responsible Area Director. The IANA Expert for the Gateway
Identity Type registry (created by this document) is Tero Kivinen.
RFC Editor Note
Please append the following text as a new paragraph at the end of Section
3:
This document allows the client to be redirected in several protocol
states. In some of them the gateway is already authenticated at the point
of redirect, and in others it is not. We emphasize that the above rules
regarding the identity of the new gateway and the PAD and SPD entries
apply equally to all these scenarios.