Media Description for the Internet Key Exchange Protocol (IKE) in the Session Description Protocol (SDP)
RFC 6193
Document Type RFC - Informational (April 2011; No errata)
Last updated 2015-10-14
Stream ISE
Formats plain text html pdf htmlized bibtex
Reviews
SECDIR Early Review
Stream ISE state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 6193 (Informational)
Telechat date
Responsible AD Robert Sparks
Send notices to rfc-ise@rfc-editor.org
Email authors IPR References Referenced by Nits 
Independent Submission                                          M. Saito
Request for Comments: 6193                            NTT Communications
Category: Informational                                          D. Wing
ISSN: 2070-1721                                            Cisco Systems
                                                               M. Toyama
                                                         NTT Corporation
                                                              April 2011

     Media Description for the Internet Key Exchange Protocol (IKE)
               in the Session Description Protocol (SDP)

Abstract

   This document specifies how to establish a media session that
   represents a virtual private network using the Session Initiation
   Protocol for the purpose of on-demand media/application sharing
   between peers.  It extends the protocol identifier of the Session
   Description Protocol (SDP) so that it can negotiate use of the
   Internet Key Exchange Protocol (IKE) for media sessions in the SDP
   offer/answer model.  It also specifies a method to boot up IKE and
   generate IPsec security associations using a self-signed certificate.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6193.

Saito, et al.                 Informational                     [Page 1]
RFC 6193            Media Description for IKE in SDP          April 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1. Applicability Statement .........................................3
   2. Introduction ....................................................3
      2.1. Problem Statement ..........................................4
      2.2. Approach to Solution .......................................4
      2.3. Alternative Solution under Prior Relationship
           between Two Nodes ..........................................6
      2.4. Authorization Model ........................................6
      2.5. Conventions Used in This Document ..........................6
   3. Protocol Overview ...............................................7
   4. Protocol Identifiers ............................................8
   5. Normative Behavior ..............................................9
      5.1. SDP Offer and Answer Exchange ..............................9
      5.2. Maintenance and Termination of VPN Session ................10
      5.3. Forking ...................................................11
      5.4. Port Usage ................................................11
      5.5. Multiplexing UDP Messages When Using ICE ..................11
   6. Examples .......................................................13
      6.1. Example of SDP Offer and Answer Exchange without
           IPsec NAT-Traversal .......................................13
      6.2. Example of SDP Offer and Answer Exchange with
           IPsec NAT-Traversal .......................................14
   7. Application to IKE .............................................15
   8. Specifications Assuming Prior Relationship between Two Nodes ...16
      8.1. Certificates Signed by Trusted Third Party ................16
      8.2. Configured Pre-Shared Key .................................16
   9. Security Considerations ........................................17
   10. IANA Considerations ...........................................19
   11. Acknowledgments ...............................................20
   12. References ....................................................20
      12.1. Normative References .....................................20
      12.2. Informative References ...................................21

Saito, et al.                 Informational                     [Page 2]
RFC 6193            Media Description for IKE in SDP          April 2011

1.  Applicability Statement

   This document provides information about a deployed use of the
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools