Implemented Standards: Difference between revisions
Jump to navigation
Jump to search
Paul Wouters (talk | contribs) No edit summary |
Paul Wouters (talk | contribs) No edit summary |
||
| Line 79: | Line 79: | ||
| Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation | | Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation | ||
| This is a really just a subset of [http://tools.ietf.org/html/rfc7296 RFC 7296] | | This is a really just a subset of [http://tools.ietf.org/html/rfc7296 RFC 7296] | ||
|- | |- | ||
|? | |||
| [https://tools.ietf.org/html/rfc4478 RFC 4478] | |||
| Repeated Authentication in Internet Key Exchange (IKEv2) Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4555 RFC 4555] | |||
| IKEv2 Mobility and Multihoming Protocol (MOBIKE) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4595 RFC 4595] | |||
| Use of IKEv2 in the Fibre Channel Security Association Management Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6515 RFC 6515] | |||
| The AES-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for IKE | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4621 RFC 4621] | |||
| Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4739 RFC 4739] | |||
| Multiple Authentication Exchanges in the IKEv2 Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4754 RFC 4754] | |||
| IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc4806 RFC 4806] | |||
| Online Certificate Status Protocol (OCSP) Extensions to IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5026 RFC 5026] | |||
| Mobile IPv6 Bootstrapping in Split Scenario | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5282 RFC 5282] | |||
| Using Authenticated Encryption Algorithms with the Encrypted Payload of the IKEv2 Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5685 RFC 5685] | |||
| Redirect Mechanism for IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5857 RFC 5857] | |||
| IKEv2 Extensions to Support Robust Header Compression over IPsec | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5723 RFC 5723] | |||
| Internet Key Exchange Protocol Version 2 (IKEv2) Session Resumption | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5739 RFC 5739] | |||
| IPv6 Configuration in Internet Key Exchange Protocol Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5903 RFC 5903] | |||
| ECP Groups for IKE and IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5930 RFC 5930] | |||
| Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc5998 RFC 5998] | |||
| An Extension for EAP-only Authentication in IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6023 RFC 6023] | |||
| A Childless Initiation of the Internet Key Exchange Version 2 (IKEv2) Security Association (SA) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6027 RFC 6027] | |||
| IPsec Cluster Problem Statement | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6290 RFC 6290] | |||
| A Quick Crash Detection Method for the Internet Key Exchange Protocol (IKE) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6311 RFC 6311] | |||
| Protocol Support for High Availability of IKEv2/IPsec | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6467 RFC 6467] | |||
| Secure Password Framework for IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6617 RFC 6617] | |||
| Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6628 RFC 6628] | |||
| Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6631 RFC 6631] | |||
| Password Authenticated Connection Establishment with IKEv2 | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6867 RFC 6867] | |||
| An Internet Key Exchange Protocol Version 2 (IKEv2) Extension to Support EAP Re-authentication Protocol (ERP) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6932 RFC 6932] | |||
| Brainpool Elliptic Curves for the IKE Group Description Registry | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6954 RFC 6954] | |||
| Using the Elliptic Curve Cryptography (ECC) Brainpool Curves for the Internet Key Exchange Protocol Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc6989 RFC 6989] | |||
| Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7383 RFC 7383] | |||
| Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7427 RFC 7427] | |||
| Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7619 RFC 7619] | |||
| The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7634 RFC 7634] | |||
| ChaCha20, Poly1305, and Their Use in the IKE Protocol and IPsec | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7651 RFC 7651] | |||
| 3GPP IP Multimedia Subsystems (IMS) Option for the Internet Key Exchange Protocol Version 2 (IKEv2) | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/rfc7670 RFC 7670] | |||
| Generic Raw Public-Key Support for IKEv2 | |||
| | |||
|- | |||
| [https://tools.ietf.org/html/draft-brunner-ikev2-mediation draft-brunner-ikev2-mediation] | |||
| IKEv2 Mediation Extension | |||
| | |||
|- | |||
|? | |||
| [https://tools.ietf.org/html/draft-laganier-ike-ipv6-cga] | |||
| Using IKE with IPv6 Cryptographically Generated Addresses | |||
| | |||
|- | |||
Revision as of 17:56, 17 June 2016
The following table lists the RFCs, drafts and standards related to IKE and IPsec. An overview of IKE and IPsec related RFC's is available in RFC 6071 |
Implementation status can be: implemented (v), planned (p), not implemented (-) or will not be implemented (X)
| Status | Standard | Description | Comments |
|---|---|---|---|
| IKEv1 | |||
| v | RFC 2407 | IPsec Domain of Interpretation for ISAKMP (IPsec DoI) | |
| v | RFC 2408 | Internet Security Association and Key Management Protocol (ISAKMP) | |
| v | RFC 2409 | Internet Key Exchange (IKE) | Revised Mode not implemented |
| v | RFC 3526 | More Modular Exponential (MODP) Diffie-Hellman groups | |
| v | RFC 3706 | A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers | known as "DPD" |
| v | RFC 3947 | Negotiation of NAT-Traversal in the IKE | known as "NATT" or "ESPinUDP" |
| v | draft-dukes-ike-mode-cfg | The ISAKMP Configuration Method | |
| v | draft-ietf-ipsec-isakmp-xauth | Extended Authentication within ISAKMP/Oakley (XAUTH) | |
| ? | draft-jenkins-ipsec-rekeying | IPsec Re-keying Issues | |
| X | draft-ietf-ipsec-isakmp-hybrid-auth | A Hybrid Authentication Mode for IKE | |
| IKEv2 | |||
| v | RFC 4307 | Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2) | |
| v | RFC 7296 | Internet Key Exchange Protocol Version 2 (IKEv2) | Obsoletes RFC 5996 and RFC 4718 |
| v | RFC 7815 | Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation | This is a really just a subset of RFC 7296 |
| ? | RFC 4478 | Repeated Authentication in Internet Key Exchange (IKEv2) Protocol | |
| ? | RFC 4555 | IKEv2 Mobility and Multihoming Protocol (MOBIKE) | |
| ? | RFC 4595 | Use of IKEv2 in the Fibre Channel Security Association Management Protocol | |
| ? | RFC 6515 | The AES-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for IKE | |
| ? | RFC 4621 | Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol | |
| ? | RFC 4739 | Multiple Authentication Exchanges in the IKEv2 Protocol | |
| ? | RFC 4754 | IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA) | |
| ? | RFC 4806 | Online Certificate Status Protocol (OCSP) Extensions to IKEv2 | |
| ? | RFC 5026 | Mobile IPv6 Bootstrapping in Split Scenario | |
| ? | RFC 5282 | Using Authenticated Encryption Algorithms with the Encrypted Payload of the IKEv2 Protocol | |
| ? | RFC 5685 | Redirect Mechanism for IKEv2 | |
| ? | RFC 5857 | IKEv2 Extensions to Support Robust Header Compression over IPsec | |
| ? | RFC 5723 | Internet Key Exchange Protocol Version 2 (IKEv2) Session Resumption | |
| ? | RFC 5739 | IPv6 Configuration in Internet Key Exchange Protocol Version 2 (IKEv2) | |
| ? | RFC 5903 | ECP Groups for IKE and IKEv2 | |
| ? | RFC 5930 | Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol | |
| ? | RFC 5998 | An Extension for EAP-only Authentication in IKEv2 | |
| ? | RFC 6023 | A Childless Initiation of the Internet Key Exchange Version 2 (IKEv2) Security Association (SA) | |
| ? | RFC 6027 | IPsec Cluster Problem Statement | |
| ? | RFC 6290 | A Quick Crash Detection Method for the Internet Key Exchange Protocol (IKE) | |
| ? | RFC 6311 | Protocol Support for High Availability of IKEv2/IPsec | |
| ? | RFC 6467 | Secure Password Framework for IKEv2 | |
| ? | RFC 6617 | Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE) | |
| ? | RFC 6628 | Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2 | |
| ? | RFC 6631 | Password Authenticated Connection Establishment with IKEv2 | |
| ? | RFC 6867 | An Internet Key Exchange Protocol Version 2 (IKEv2) Extension to Support EAP Re-authentication Protocol (ERP) | |
| ? | RFC 6932 | Brainpool Elliptic Curves for the IKE Group Description Registry | |
| ? | RFC 6954 | Using the Elliptic Curve Cryptography (ECC) Brainpool Curves for the Internet Key Exchange Protocol Version 2 (IKEv2) | |
| ? | RFC 6989 | Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2) | |
| ? | RFC 7383 | Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation | |
| ? | RFC 7427 | Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) | |
| ? | RFC 7619 | The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2) | |
| ? | RFC 7634 | ChaCha20, Poly1305, and Their Use in the IKE Protocol and IPsec | |
| ? | RFC 7651 | 3GPP IP Multimedia Subsystems (IMS) Option for the Internet Key Exchange Protocol Version 2 (IKEv2) | |
| ? | RFC 7670 | Generic Raw Public-Key Support for IKEv2 | |
| draft-brunner-ikev2-mediation | IKEv2 Mediation Extension | ||
| ? | [1] | Using IKE with IPv6 Cryptographically Generated Addresses | |