IP Security Maintenance and Extensions (ipsecme)
| Document | Date | Status | IPR | AD/Shepherd | |
|---|---|---|---|---|---|
| Active Internet-Drafts (6 hits) | |||||
|
18 pages
draft-ietf-ipsecme-add-ike-14
Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS |
2023-05-10 |
RFC Ed Queue
: AUTH48-DONE
147
Submitted to IESG for Publication : Proposed Standard Reviews: dnsdir dnsdir opsdir LC dnsdir LC genart LC opsdir |
Roman Danyliw
Tero Kivinen |
||
|
71 pages
draft-ietf-ipsecme-g-ikev2-09
Group Key Management using IKEv2 |
2023-04-19 |
I-D Exists
WG Consensus: Waiting for Write-Up Reviews: secdir Early tsvart Early Jul 2022 |
|
||
|
11 pages
draft-ietf-ipsecme-ikev2-auth-announce-03
Announcing Supported Authentication Methods in IKEv2 |
2023-04-14
Expires soon |
I-D Exists
In WG Last Call |
|
||
|
9 pages
draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-01
IKEv2 Optional SA&TS Payloads in Child Exchange |
2023-07-10 |
I-D Exists
WG Document |
2 |
|
|
|
10 pages
draft-ietf-ipsecme-labeled-ipsec-12
Labeled IPsec Traffic Selector support for IKEv2 |
2023-05-15 |
RFC Ed Queue
: AUTH48
AUTH48
142
Submitted to IESG for Publication : Proposed Standard Reviews: secdir LC genart LC secdir LC opsdir LC Jul 2022 |
Roman Danyliw
Tero Kivinen |
||
|
12 pages
draft-ietf-ipsecme-multi-sa-performance-01
IKEv2 support for per-queue Child SAs |
2023-06-06 |
I-D Exists
WG Document |
|
||
| Expired Internet-Draft (1 hit) | |||||
|
9 pages
draft-ietf-ipsecme-ike-tcp-01
A TCP transport for the Internet Key Exchange |
2012-12-03 |
Expired
WG Document |
|
||
| RFCs (37 hits) | |||||
|
15 pages
RFC 5685
(was draft-ietf-ipsecme-ikev2-redirect)
Redirect Mechanism for the Internet Key Exchange Protocol Version 2 (IKEv2) |
2009-11 | Proposed Standard RFC |
Tim Polk
|
||
|
26 pages
RFC 5723
(was draft-ietf-ipsecme-ikev2-resumption)
Internet Key Exchange Protocol Version 2 (IKEv2) Session Resumption |
2010-01 | Proposed Standard RFC |
Pasi Eronen
|
||
| 32 pages | 2010-02 | Experimental RFC |
Tim Polk
|
||
|
15 pages
RFC 5840
(was draft-ietf-ipsecme-traffic-visibility)
Wrapped Encapsulating Security Payload (ESP) for Traffic Visibility |
2010-04 | Proposed Standard RFC |
Pasi Eronen
|
||
|
32 pages
RFC 5879
(was draft-ietf-ipsecme-esp-null-heuristics)
Heuristics for Detecting ESP-NULL Packets |
2010-05 | Informational RFC |
Pasi Eronen
|
||
|
6 pages
RFC 5930
(was draft-ietf-ipsecme-aes-ctr-ikev2)
Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol |
2010-07 | Informational RFC |
Sean Turner
|
||
| 138 pages | 2010-09 |
Proposed Standard RFC
Obsoleted by RFC 7296 Updated by RFC 5998, RFC 6989, RFC 6989 |
10 |
Sean Turner
|
|
|
16 pages
RFC 5998
(was draft-ietf-ipsecme-eap-mutual)
An Extension for EAP-Only Authentication in IKEv2 |
2010-09 | Proposed Standard RFC |
Sean Turner
|
||
|
12 pages
RFC 6027
(was draft-ietf-ipsecme-ipsec-ha)
IPsec Cluster Problem Statement |
2010-10 | Informational RFC | 1 |
Sean Turner
|
|
|
63 pages
RFC 6071
(was draft-ietf-ipsecme-roadmap)
IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap |
2011-02 | Informational RFC |
Sean Turner
|
||
| 22 pages | 2011-06 | Proposed Standard RFC |
Sean Turner
|
||
| 26 pages | 2011-07 | Proposed Standard RFC | 3 |
Sean Turner
|
|
|
10 pages
RFC 6989
(was draft-ietf-ipsecme-dh-checks)
Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2) |
2013-07 | Proposed Standard RFC | 1 |
Sean Turner
Paul E. Hoffman |
|
|
12 pages
RFC 7018
(was draft-ietf-ipsecme-ad-vpn-problem)
Auto-Discovery VPN Problem Statement and Requirements |
2013-09 | Informational RFC |
Sean Turner
Paul E. Hoffman |
||
| 142 pages | 2014-10 |
Internet Standard RFC
Updated by RFC 7427, RFC 7670, RFC 8247, RFC 8983, RFC 9370 |
10 |
Kathleen Moriarty
Paul E. Hoffman |
|
|
11 pages
RFC 7321
(was draft-ietf-ipsecme-esp-ah-reqts)
Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH) |
2014-08 |
Proposed Standard RFC
Obsoleted by RFC 8221 |
Kathleen Moriarty
Yaron Sheffer |
||
|
20 pages
RFC 7383
(was draft-ietf-ipsecme-ikev2-fragmentation)
Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation |
2014-11 | Proposed Standard RFC |
Kathleen Moriarty
Paul E. Hoffman |
||
|
18 pages
RFC 7427
(was draft-kivinen-ipsecme-signature-auth)
Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) |
2015-01 | Proposed Standard RFC |
Kathleen Moriarty
Paul E. Hoffman |
||
|
12 pages
RFC 7619
(was draft-ietf-ipsecme-ikev2-null-auth)
The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2015-08 | Proposed Standard RFC |
Kathleen Moriarty
Paul E. Hoffman |
||
| 13 pages | 2015-08 | Proposed Standard RFC |
Kathleen Moriarty
Paul E. Hoffman |
||
|
32 pages
RFC 8019
(was draft-ietf-ipsecme-ddos-protection)
Protecting Internet Key Exchange Protocol Version 2 (IKEv2) Implementations from Distributed Denial-of-Service Attacks |
2016-11 | Proposed Standard RFC |
Kathleen Moriarty
David Waltermire |
||
| 8 pages | 2016-12 | Proposed Standard RFC |
Kathleen Moriarty
Tero Kivinen |
||
|
15 pages
RFC 8221
(was draft-ietf-ipsecme-rfc7321bis)
Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH) |
2017-10 |
Proposed Standard RFC
Updated by RFC 9395 |
Eric Rescorla
David Waltermire |
||
| 25 pages | 2017-08 |
Proposed Standard RFC
Obsoleted by RFC 9329 |
Eric Rescorla
Tero Kivinen |
||
|
19 pages
RFC 8247
(was draft-ietf-ipsecme-rfc4307bis)
Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2) |
2017-09 |
Proposed Standard RFC
Updated by RFC 9395 |
Eric Rescorla
David Waltermire |
||
|
5 pages
RFC 8420
(was draft-ietf-ipsecme-eddsa)
Using the Edwards-Curve Digital Signature Algorithm (EdDSA) in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2018-08 | Proposed Standard RFC |
Eric Rescorla
Tero Kivinen |
||
|
16 pages
RFC 8598
(was draft-ietf-ipsecme-split-dns)
Split DNS Configuration for the Internet Key Exchange Protocol Version 2 (IKEv2) |
2019-05 | Proposed Standard RFC |
Eric Rescorla
David Waltermire |
||
|
8 pages
RFC 8750
(was draft-ietf-ipsecme-implicit-iv)
Implicit Initialization Vector (IV) for Counter-Based Ciphers in Encapsulating Security Payload (ESP) |
2020-03 | Proposed Standard RFC |
Alexey Melnikov
Tero Kivinen |
||
|
16 pages
RFC 8784
(was draft-ietf-ipsecme-qr-ikev2)
Mixing Preshared Keys in the Internet Key Exchange Protocol Version 2 (IKEv2) for Post-quantum Security |
2020-06 | Proposed Standard RFC |
Benjamin Kaduk
David Waltermire |
||
|
7 pages
RFC 8983
(was draft-ietf-ipsecme-ipv6-ipv4-codes)
Internet Key Exchange Protocol Version 2 (IKEv2) Notification Status Types for IPv4/IPv6 Coexistence |
2021-02 | Proposed Standard RFC |
Benjamin Kaduk
Yoav Nir |
||
|
14 pages
RFC 9242
(was draft-ietf-ipsecme-ikev2-intermediate)
Intermediate Exchange in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2022-05 | Proposed Standard RFC |
Benjamin Kaduk
Yoav Nir |
||
|
30 pages
RFC 9329
(was draft-ietf-ipsecme-rfc8229bis)
TCP Encapsulation of Internet Key Exchange Protocol (IKE) and IPsec Packets |
2022-11 | Proposed Standard RFC |
Roman Danyliw
Tero Kivinen |
||
|
31 pages
RFC 9347
(was draft-ietf-ipsecme-iptfs)
Aggregation and Fragmentation Mode for Encapsulating Security Payload (ESP) and Its Use for IP Traffic Flow Security (IP-TFS) |
2023-01 | Proposed Standard RFC |
Roman Danyliw
Tero Kivinen |
||
|
25 pages
RFC 9348
(was draft-ietf-ipsecme-yang-iptfs)
A YANG Data Model for IP Traffic Flow Security |
2023-01 | Proposed Standard RFC |
Roman Danyliw
Tero Kivinen |
||
|
19 pages
RFC 9349
(was draft-ietf-ipsecme-mib-iptfs)
Definitions of Managed Objects for IP Traffic Flow Security |
2023-01 | Proposed Standard RFC |
Roman Danyliw
Tero Kivinen |
||
|
29 pages
RFC 9370
(was draft-ietf-ipsecme-ikev2-multiple-ke)
Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2023-05 | Proposed Standard RFC | 1 |
Roman Danyliw
Tero Kivinen |
|
|
7 pages
RFC 9395
(was draft-ietf-ipsecme-ikev1-algo-to-historic)
Deprecation of the Internet Key Exchange Version 1 (IKEv1) Protocol and Obsoleted Algorithms |
2023-04 | Proposed Standard RFC |
Roman Danyliw
Tero Kivinen |
||
| Related Internet-Drafts (53 hits) | |||||
|
6 pages
draft-acharya-ipsecme-esp-ecmp-00
UDP encapsulated ESP for ECMP |
2023-04-21 | I-D Exists |
|
||
|
5 pages
draft-colitti-ipsecme-esp-ping-00
ESP Echo Protocol |
2023-07-25 | I-D Exists |
|
||
|
27 pages
draft-mglt-ipsecme-diet-esp-10
ESP Header Compression Profile |
2023-06-29 | I-D Exists |
|
||
|
8 pages
draft-mglt-ipsecme-ikev2-diet-esp-extension-03
Internet Key Exchange version 2 (IKEv2) extension for the ESP Header Compression (EHC) |
2023-06-28 | I-D Exists |
|
||
|
8 pages
draft-mglt-ipsecme-ts-dscp-03
Traffic Selector for Internet Key Exchange version 2 to add support Differentiated Services Field Codepoints (DSCP) |
2023-07-26 | I-D Exists |
|
||
|
18 pages
draft-mrossberg-ipsecme-multiple-sequence-counters-01
Broadening the Scope of Encapsulating Security Payload (ESP) Protocol |
2023-08-15 | I-D Exists |
|
||
|
6 pages
draft-nir-ipsecme-big-payload-02
A Larger Internet Key Exchange version 2 (IKEv2) Payload |
2023-07-23 | I-D Exists |
|
||
|
13 pages
draft-ponchon-ipsecme-anti-replay-subspaces-02
IPsec and IKE anti-replay sequence number subspaces for traffic-engineered paths and multi-core processing |
2023-07-10 | I-D Exists | 3 |
|
|
|
10 pages
draft-smyslov-ipsecme-ikev2-cookie-revised-05
Revised Cookie Processing in the IKEv2 Protocol |
2023-04-14
Expires soon |
I-D Exists |
|
||
|
9 pages
draft-smyslov-ipsecme-ikev2-qr-alt-08
Alternative Approach for Mixing Preshared Keys in IKEv2 for Post-quantum Security |
2023-06-19 | I-D Exists |
|
||
|
6 pages
draft-smyslov-ipsecme-ikev2-reliable-transport-00
Use of Reliable Transport in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2023-07-07 | I-D Exists |
|
||
|
8 pages
draft-xu-ipsecme-esp-in-udp-lb-11
Encapsulating IPsec ESP in UDP for Load-balancing |
2023-09-14 | I-D Exists |
|
||
|
29 pages
draft-xu-ipsecme-risav-02
An RPKI and IPsec-based AS-to-AS Approach for Source Address Validation |
2023-07-04 | I-D Exists |
|
||
| 11 pages | 1997-02 |
Informational RFC
Updated by RFC 6151 |
|
||
|
7 pages
RFC 2403
(was draft-ietf-ipsec-auth-hmac-md5-96)
The Use of HMAC-MD5-96 within ESP and AH |
1998-11 | Proposed Standard RFC |
|
||
|
7 pages
RFC 2404
(was draft-ietf-ipsec-auth-hmac-sha196)
The Use of HMAC-SHA-1-96 within ESP and AH |
1998-11 | Proposed Standard RFC |
|
||
|
10 pages
RFC 2405
(was draft-ietf-ipsec-ciph-des-expiv)
The ESP DES-CBC Cipher Algorithm With Explicit IV |
1998-11 | Proposed Standard RFC |
|
||
| 6 pages | 1998-11 | Proposed Standard RFC |
|
||
|
14 pages
RFC 2451
(was draft-ietf-ipsec-ciph-cbc)
The ESP CBC-Mode Cipher Algorithms |
1998-11 | Proposed Standard RFC |
|
||
|
10 pages
RFC 3526
(was draft-ietf-ipsec-ike-modp-groups)
More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE) |
2003-05 | Proposed Standard RFC | 1 |
Jeffrey I. Schiller
|
|
|
11 pages
RFC 3566
(was draft-ietf-ipsec-ciph-aes-xcbc-mac)
The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec |
2003-09 | Proposed Standard RFC |
Russ Housley
|
||
|
15 pages
RFC 3602
(was draft-ietf-ipsec-ciph-aes-cbc)
The AES-CBC Cipher Algorithm and Its Use with IPsec |
2003-09 | Proposed Standard RFC |
Russ Housley
|
||
|
19 pages
RFC 3686
(was draft-ietf-ipsec-ciph-aes-ctr)
Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) |
2004-01 | Proposed Standard RFC |
Steven M. Bellovin
|
||
| 15 pages | 2005-01 | Proposed Standard RFC | 3 |
Russ Housley
|
|
| 11 pages | 2005-06 | Proposed Standard RFC |
Russ Housley
|
||
| 101 pages | 2005-12 |
Proposed Standard RFC
Updated by RFC 6040, RFC 7619 |
1 |
Russ Housley
|
|
| 34 pages | 2005-12 | Proposed Standard RFC |
Russ Housley
|
||
| 44 pages | 2005-12 | Proposed Standard RFC |
Russ Housley
|
||
| 7 pages | 2005-12 | Proposed Standard RFC |
Russ Housley
|
||
| 13 pages | 2005-12 | Proposed Standard RFC |
Steven M. Bellovin
|
||
|
6 pages
RFC 4434
(was draft-hoffman-rfc3664bis)
The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE) |
2006-02 | Proposed Standard RFC |
Russ Housley
|
||
|
5 pages
RFC 4478
(was draft-nir-ikev2-auth-lt)
Repeated Authentication in Internet Key Exchange (IKEv2) Protocol |
2006-04 | Experimental RFC |
Russ Housley
|
||
|
8 pages
RFC 4494
(was draft-songlee-aes-cmac-96)
The AES-CMAC-96 Algorithm and Its Use with IPsec |
2006-06 | Proposed Standard RFC |
Russ Housley
|
||
| 14 pages | 2006-05 | Proposed Standard RFC |
Russ Housley
|
||
|
33 pages
RFC 4555
(was draft-ietf-mobike-protocol)
IKEv2 Mobility and Multihoming Protocol (MOBIKE) |
2006-06 | Proposed Standard RFC | 3 |
Russ Housley
|
|
|
7 pages
RFC 4615
(was draft-songlee-aes-cmac-prf-128)
The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE) |
2006-08 | Proposed Standard RFC |
Russ Housley
|
||
|
11 pages
RFC 4739
(was draft-eronen-ipsec-ikev2-multiple-auth)
Multiple Authentication Exchanges in the Internet Key Exchange (IKEv2) Protocol |
2006-11 | Experimental RFC |
Russ Housley
|
||
| 15 pages | 2007-01 | Proposed Standard RFC | 6 |
Russ Housley
|
|
|
11 pages
RFC 4806
(was draft-myers-ikev2-ocsp)
Online Certificate Status Protocol (OCSP) Extensions to IKEv2 |
2007-02 | Proposed Standard RFC |
Russ Housley
|
||
| 21 pages | 2007-05 | Proposed Standard RFC |
Russ Housley
|
||
|
23 pages
RFC 5114
(was draft-lepinski-dh-groups)
Additional Diffie-Hellman Groups for Use with IETF Standards |
2008-01 | Informational RFC |
Tim Polk
|
||
| 19 pages | 2008-08 | Proposed Standard RFC |
Tim Polk
|
||
|
7 pages
RFC 5529
(was draft-kato-ipsec-camellia-modes)
Modes of Operation for Camellia for Use with IPsec |
2009-04 | Proposed Standard RFC |
Tim Polk
|
||
| 13 pages | 2010-05 | Proposed Standard RFC |
Magnus Westerlund
|
||
| 16 pages | 2010-06 | Informational RFC | 3 |
Tim Polk
|
|
|
7 pages
RFC 6023
(was draft-nir-ipsecme-childless)
A Childless Initiation of the Internet Key Exchange Version 2 (IKEv2) Security Association (SA) |
2010-10 | Experimental RFC |
Sean Turner
|
||
|
10 pages
RFC 6467
(was draft-kivinen-ipsecme-secure-password-framework)
Secure Password Framework for Internet Key Exchange Version 2 (IKEv2) |
2011-12 | Informational RFC |
Sean Turner
|
||
|
24 pages
RFC 6617
(was draft-harkins-ipsecme-spsk-auth)
Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE) |
2012-06 | Experimental RFC |
Sean Turner
|
||
|
20 pages
RFC 6628
(was draft-shin-augmented-pake)
Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2 |
2012-06 | Experimental RFC | 5 |
Sean Turner
|
|
|
26 pages
RFC 6631
(was draft-kuegler-ipsecme-pace-ikev2)
Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2) |
2012-06 | Experimental RFC |
Sean Turner
|
||
|
9 pages
RFC 6867
(was draft-nir-ipsecme-erx)
An Internet Key Exchange Protocol Version 2 (IKEv2) Extension to Support EAP Re-authentication Protocol (ERP) |
2013-01 | Experimental RFC |
Sean Turner
|
||
|
14 pages
RFC 7791
(was draft-mglt-ipsecme-clone-ike-sa)
Cloning the IKE Security Association in the Internet Key Exchange Protocol Version 2 (IKEv2) |
2016-03 | Proposed Standard RFC |
Kathleen Moriarty
Tero Kivinen |
||
|
22 pages
RFC 9227
(was draft-smyslov-esp-gost)
Using GOST Ciphers in the Encapsulating Security Payload (ESP) and Internet Key Exchange Version 2 (IKEv2) Protocols |
2022-03 | Informational RFC |
Eliot Lear |
||