PF_KEY Extensions for Reducing Policy Information in Kernel

Document Type Expired Internet-Draft (individual)
Author Jari Arkko 
Last updated 2000-07-14
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


PF_KEY is a generic key management API that can be used with IPsec. This document discusses the extension of the PF_KEY interface in order to lessen the need to store complicated IPsec policy data in kernel- mode implementations, and to make it possible for key management dae- mons reuse traffic pattern information already present in the kernel.


Jari Arkko (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)