draft-ietf-lwig-ikev2-minimal-00.txt   draft-ietf-lwig-ikev2-minimal-01.txt 
Light-Weight Implementation Guidance T. Kivinen Light-Weight Implementation Guidance T. Kivinen
(lwig) INSIDE Secure (lwig) INSIDE Secure
Internet-Draft April 11, 2013 Internet-Draft October 17, 2013
Intended status: Informational Intended status: Informational
Expires: October 13, 2013 Expires: April 20, 2014
Minimal IKEv2 Minimal IKEv2
draft-ietf-lwig-ikev2-minimal-00.txt draft-ietf-lwig-ikev2-minimal-01.txt
Abstract Abstract
This document describes minimal version of the Internet Key Exchange This document describes minimal version of the Internet Key Exchange
version 2 (IKEv2) protocol. IKEv2 is a component of IPsec used for version 2 (IKEv2) protocol. IKEv2 is a component of IPsec used for
performing mutual authentication and establishing and maintaining performing mutual authentication and establishing and maintaining
Security Associations (SAs). IKEv2 includes several optional Security Associations (SAs). IKEv2 includes several optional
features, which are not needed in minimal implementations. This features, which are not needed in minimal implementations. This
document describes what is required from the minimal implementation, document describes what is required from the minimal implementation,
and also describes various optimizations which can be done. The and also describes various optimizations which can be done. The
protocol described here is compliant with full IKEv2 with exception protocol described here is compliant with full IKEv2 with exception
that this document only describes shared secret authentication (IKEv2 that this document describes mainly shared secret authentication
requires support for certificate authentication in addition to shared (IKEv2 requires support for certificate authentication in addition to
secret authentication). shared secret authentication).
This document does not update or modify RFC 5996, but provides more This document does not update or modify RFC 5996, but provides more
compact description of the minimal version of the protocol. If this compact description of the minimal version of the protocol. If this
document and RFC 5996 conflicts then RFC 5996 is the authoritative document and RFC 5996 conflicts then RFC 5996 is the authoritative
description. description.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
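Review bot: In the abstract, replacing "only describes shared secret authentication" with "describes mainly shared secret authentication" leaves the stated exception to full IKEv2 compliance ambiguous. The sentence no longer says what else is described, or whether the certificate authentication named in the parenthetical is still out of scope. Suggest naming the second method explicitly (the introduction now points to raw public keys in Appendix B.2) and stating whether certificate authentication remains undescribed, so an implementer can tell which authentication methods a minimal peer is expected to support.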
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 13, 2013. This Internet-Draft will expire on April 20, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
skipping to change at page 4, line 34 skipping to change at page 4, line 34
This document should be stand-alone, meaning everything needed to This document should be stand-alone, meaning everything needed to
implement IKEv2 is copied here except the description of the implement IKEv2 is copied here except the description of the
cryptographic algorithms. The IKEv2 specification has lots of cryptographic algorithms. The IKEv2 specification has lots of
background information and rationale which has been omitted from this background information and rationale which has been omitted from this
document. document.
Numerous additional numeric values from IANA registries have been Numerous additional numeric values from IANA registries have been
omitted from this document, only those which are of interest for omitted from this document, only those which are of interest for
minimal implementation are listed in this document. minimal implementation are listed in this document.
The main body of this document describes how to use the shared secret
authentication in the IKEv2, as it is easiest to implement. In some
cases that is not enough and the Appendix B.2 describes how to use
Raw Public keys instead of shared secret authentication.
For more information check the full IKEv2 specification in RFC 5996 For more information check the full IKEv2 specification in RFC 5996
[RFC5996] and [IKEV2IANA]. [RFC5996] and [IKEV2IANA].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
1.1. Use Cases 1.1. Use Cases
One use case for this kind of minimal implementation is in small One use case for this kind of minimal implementation is in small
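Review bot: The added paragraph says "In some cases that is not enough" without saying which cases, so a reader cannot tell when shared secret authentication should give way to the raw public keys of Appendix B.2. Suggest naming the conditions under which a shared secret is insufficient. The wording can also be tightened: "in IKEv2" rather than "in the IKEv2", "Appendix B.2" without the article, and consistent capitalization of "raw public keys".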
 End of changes. 6 change blocks. 
7 lines changed or deleted 12 lines changed or added
