Implemented Standards

From Libreswan
Revision as of 16:43, 17 June 2016 by Paul Wouters (talk | contribs)
Jump to navigation Jump to search

The following table lists the RFCs, drafts and standards related to IKE and IPsec. An overview of IKE and IPsec related RFC's is available in RFC 6071 |

Implementation status can be: implemented (v), planned (p), not implemented (-) or will not be implemented (X)

Status Standard Description Comments
IKEv1
v RFC 2407 IPsec Domain of Interpretation for ISAKMP (IPsec DoI)
v RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
v RFC 2409 Internet Key Exchange (IKE) Revised Mode not implemented
v RFC 3526 More Modular Exponential (MODP) Diffie-Hellman groups
v RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers known as "DPD"
v RFC 3947 Negotiation of NAT-Traversal in the IKE known as "NATT" or "ESPinUDP"
v draft-dukes-ike-mode-cfg The ISAKMP Configuration Method
v draft-ietf-ipsec-isakmp-xauth Extended Authentication within ISAKMP/Oakley (XAUTH)
? draft-jenkins-ipsec-rekeying IPsec Re-keying Issues
X draft-ietf-ipsec-isakmp-hybrid-auth A Hybrid Authentication Mode for IKE
IKEv2
v RFC 4307 Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
v RFC 7296 Internet Key Exchange Protocol Version 2 (IKEv2) Obsoletes RFC 5996 and RFC 4718
v RFC 7815 Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation This is a really just a subset of RFC 7296