Skip to main content

IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap
RFC 6071

Revision differences

Document history

Date Rev. By Action
2018-12-20
10 (System)
Received changes through RFC Editor sync (changed abstract to 'Over the past few years, the number of RFCs that define and use IPsec and Internet …
Received changes through RFC Editor sync (changed abstract to 'Over the past few years, the number of RFCs that define and use IPsec and Internet Key Exchange (IKE) has greatly proliferated. This is complicated by the fact that these RFCs originate from numerous IETF working groups: the original IPsec WG, its various spin-offs, and other WGs that use IPsec and/or IKE to protect their protocols' traffic.

This document is a snapshot of IPsec- and IKE-related RFCs. It includes a brief description of each RFC, along with background information explaining the motivation and context of IPsec's outgrowths and extensions. It obsoletes RFC 2411, the previous "IP Security Document Roadmap."

The obsoleted IPsec roadmap (RFC 2411) briefly described the interrelationship of the various classes of base IPsec documents. The major focus of RFC 2411 was to specify the recommended contents of documents specifying additional encryption and authentication algorithms. This document is not an Internet Standards Track specification; it is published for informational purposes.')
2015-10-14
10 (System) Notify list changed from ipsecme-chairs@ietf.org, draft-ietf-ipsecme-roadmap@ietf.org to (None)
2011-02-09
10 Cindy Morgan State changed to RFC Published from RFC Ed Queue.
2011-02-09
10 Cindy Morgan [Note]: changed to 'RFC 6071'
2011-02-08
10 (System) RFC published
2010-08-17
10 Amy Vezza State changed to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2010-08-16
10 (System) IANA Action state changed to No IC from In Progress
2010-08-16
10 (System) IANA Action state changed to In Progress
2010-08-16
10 Amy Vezza IESG state changed to Approved-announcement sent
2010-08-16
10 Amy Vezza IESG has approved the document
2010-08-16
10 Amy Vezza Closed "Approve" ballot
2010-08-13
10 (System) New version available: draft-ietf-ipsecme-roadmap-10.txt
2010-08-13
10 (System) Removed from agenda for telechat - 2010-08-12
2010-08-12
10 Cindy Morgan State Changes to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation by Cindy Morgan
2010-08-12
10 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko
2010-08-12
10 Tim Polk
[Ballot comment]
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be …
[Ballot comment]
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be
helpful.  However, this document has a very similar title and does obsolete 2411 if approved.  Perhaps a few
sentences in the intro to describe that relationship would be useful!

(2) RFC 5282 should be added to the list of base documents in section 4.1.2, IKEv2.  As noted in section 5.4, 5282
added the capability to negotiate combined mode algorithms to IKEv2.

(3) Section 5.4.3 is misplaced.  GMAC is an Integrity protection algorithm and should appear in section 5.3. This
will necessitate forward pointers to section 5.4, since it is based on a combined mode algorithm, but it does not fit
with the other algorithms in 5.4 which are providing both encryption and integrity-protection.

(4) In section 5.2.1, last sentence of the first paragraph:

                                                                                This number (the
  value 11 for ESP_NULL) is found on the IANA registries for both IKEv1
  and IKEv2, but it is not mentioned in this RFC.

"this RFC" is ambiguous - I gather the authors meant RFC 2410 (since the
value is clearly mentioned in *this* RFC).  I suggest:

s/this RFC/[RFC2410]/
2010-08-12
10 Tim Polk
[Ballot comment]
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be …
[Ballot comment]
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be
helpful.  However, this document has a very similar title and does obsolete 2411 if approved.  Perhaps a few
sentences in the intro to describe that relationship would be useful!

(2) RFC 5282 should be added to the list of base documents in section 4.1.2, IKEv2.  As noted in section 5.4, 5282
added the capability to negotiate combined mode algorithms to IKEv2.

(3) Section 5.4.3 is misplaced.  GMAC is an Integrity protection algorithm and should appear in section 5.3. This

will necessitate forward pointers to section 5.4, since it is based on a combined mode algorithm, but it does not fit
with the other algorithms in 5.4.

(4) In section 5.2.1, last sentence of the first paragraph:

                                                                                This number (the
  value 11 for ESP_NULL) is found on the IANA registries for both IKEv1
  and IKEv2, but it is not mentioned in this RFC.

"this RFC" is ambiguous - I gather the authors meant RFC 2410 (since the
value is clearly mentioned in *this* RFC).  I suggest:

s/this RFC/[RFC2410]/
2010-08-12
10 Tim Polk [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk
2010-08-11
10 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2010-08-11
10 Adrian Farrel [Ballot comment]
Thanks for what must have been a pretty painful task. I think this makes a useful document.
2010-08-11
10 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel
2010-08-10
10 Peter Saint-Andre [Ballot Position Update] New position, No Objection, has been recorded by Peter Saint-Andre
2010-08-10
09 (System) New version available: draft-ietf-ipsecme-roadmap-09.txt
2010-08-10
10 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu
2010-08-04
10 Gonzalo Camarillo [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo
2010-07-30
10 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Richard Barnes.
2010-07-13
10 Sean Turner State Changes to IESG Evaluation from IESG Evaluation::Revised ID Needed by Sean Turner
2010-07-13
10 Sean Turner State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Sean Turner
2010-07-13
10 Sean Turner State Changes to IESG Evaluation from Waiting for AD Go-Ahead::Revised ID Needed by Sean Turner
2010-07-13
10 Sean Turner State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead by Sean Turner
2010-07-13
10 Sean Turner [Ballot Position Update] New position, Yes, has been recorded for Sean Turner
2010-07-13
10 Sean Turner Ballot has been issued by Sean Turner
2010-07-13
10 Sean Turner Created "Approve" ballot
2010-07-12
10 Sean Turner Placed on agenda for telechat - 2010-08-12 by Sean Turner
2010-07-12
10 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2010-07-11
08 (System) New version available: draft-ietf-ipsecme-roadmap-08.txt
2010-07-06
10 Amanda Baber IANA comments:

As described in the IANA Considerations section, we understand this
document to have NO IANA Actions.
2010-06-29
10 Samuel Weiler Request for Last Call review by SECDIR is assigned to Richard Barnes
2010-06-29
10 Samuel Weiler Request for Last Call review by SECDIR is assigned to Richard Barnes
2010-06-28
10 Amy Vezza Last call sent
2010-06-28
10 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2010-06-28
10 Sean Turner Last Call was requested by Sean Turner
2010-06-28
10 (System) Ballot writeup text was added
2010-06-28
10 (System) Last call text was added
2010-06-28
10 (System) Ballot approval text was added
2010-06-28
10 Sean Turner State Changes to Last Call Requested from Publication Requested by Sean Turner
2010-06-28
10 Sean Turner State Changes to Publication Requested from AD Evaluation::AD Followup by Sean Turner
2010-06-26
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-06-26
07 (System) New version available: draft-ietf-ipsecme-roadmap-07.txt
2010-06-08
10 Sean Turner State Changes to AD Evaluation::Revised ID Needed from AD Evaluation::AD Followup by Sean Turner
2010-06-08
10 Sean Turner [Note]: 'Paul Hoffman (paul.hoffman@vpnc.org) the document shepherd for this document.' added by Sean Turner
2010-05-28
10 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-05-28
06 (System) New version available: draft-ietf-ipsecme-roadmap-06.txt
2010-03-31
10 Sean Turner Responsible AD has been changed to Sean Turner from Pasi Eronen
2010-02-26
10 Pasi Eronen State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Pasi Eronen
2010-02-22
10 Pasi Eronen State Changes to AD Evaluation from Publication Requested by Pasi Eronen
2010-02-22
10 Pasi Eronen [Note]: 'Paul Hoffman (paul.hoffman@vpnc.org) the document shepherd for this document.' added by Pasi Eronen
2010-02-09
10 Amy Vezza
Greetings again. Here is my document shepherd write-up for "IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap" (draft-ietf-ipsecme-roadmap-05.txt). Please consider it …
Greetings again. Here is my document shepherd write-up for "IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap" (draft-ietf-ipsecme-roadmap-05.txt). Please consider it for publication.

--Paul Hoffman

I am the document shepherd for this document and am the co-chair of the IPsecME WG. I have personally reviewed this version of the document and, in particular, believe this version is ready for forwarding to the IESG for publication.

The document was reviewed reasonably well in the WG and went through a few revisions that added a lot of content. The WG Last Call had many comments from plenty of WG members, and I feel comfortable with the level of reviews over the life of the document. I know of no IPR statements on the work.

There is rough WG consensus for this work. There wasn't an outpouring of support (probably due to its Informational status and its length) , but there were no significant objections, either.

Yes, it passes I-D nits. Yes, the references are sane and no downrefs are needed (given the nature of the document, there are no normative references and a zillion non-normative ones). There are no IANA considerations, so that section will come out when published as an RFC.

Technical Summary

This is actually not a technical document: as the abstract says, "This document is a snapshot of IPsec- and IKE-related RFCs." It covers a myriad of RFCs that relate heavily or lightly to all versions of IPsec and IKE, including those that did not originate with the IPsec and IPsecME Working Groups.

Working Group Summary

The document has rough consensus of the IPsecME WG.

Document Quality

This document is exhaustive and should help any implementer who wants to understand the many different facets of IPsec to find the other RFCs that they need.
2010-02-09
10 Amy Vezza Draft Added by Amy Vezza in state Publication Requested
2010-02-09
10 Amy Vezza [Note]: 'Paul Hoffman (paul.hoffman@vpnc.org) the document shepherd for this document.' added by Amy Vezza
2010-02-05
05 (System) New version available: draft-ietf-ipsecme-roadmap-05.txt
2009-10-02
04 (System) New version available: draft-ietf-ipsecme-roadmap-04.txt
2009-07-14
03 (System) New version available: draft-ietf-ipsecme-roadmap-03.txt
2009-07-06
02 (System) New version available: draft-ietf-ipsecme-roadmap-02.txt
2009-03-06
01 (System) New version available: draft-ietf-ipsecme-roadmap-01.txt
2009-01-06
00 (System) New version available: draft-ietf-ipsecme-roadmap-00.txt