Technical Summary
This document describes how to use the AES-CTR mode with an
explicit initialization value to protect IKEv2 messages after
keys are established.
Working Group Summary
This is the product of the IPSECME WG. Nothing worth noting:
it got a small but adequate amount of review.
Document Quality
There are already a bunch of implementations based on developers
guessing how to do this; to the best of our knowledge, those
implementations match what is described in this document.
Personnel
Paul Hoffman (paul.hoffman@vpnc.org) is the document Shepherd.
Sean Turner (turners@ieca.com) is the Responsible Area Director.
The IANA Expert(s) for the registries
in this document is Tero Kivinen (kivinen@iki.fi).
RFC Editor Note
1) Please remove the following from the 1st page:
Updates: RFC4307
(if approved)
2) Please move the reference to [RFC3686] in Section 7.2 to be the 1st
reference in 7.1 (i.e., make it a normative reference).
3) Add the following as a new last paragraph in Section 1:
Implementers need to carefully consider use of AES-CTR over
the mandatory to implement algorithms in [RFC4307] because
the performance improvements of AES-CTR are minimal in the
context of IKEv2. Furthermore, these performance improvements
may be offset by the Counter Mode-specific risk of a minor,
hard to detect, implementation issue resulting in total
security failure.
4) Please note that this is intended for informational - not
standards as indicated in the header of the draft.