Technical Summary
This document describes version 2 of the Internet Key Exchange (IKE)
protocol. IKE is the component of IPsec used for performing mutual
authentication and establishing and maintaining security associations.
Version 2 of the IKE specification includes the contents of what were
previously separate documents, including ISAKMP (RFC 2408), IKE
version 1 (RFC 2409), the Internet DOI (RFC 2407), NAT Traversal,
Legacy authentication, and remote address acquisition.
Version 2 of IKE does not interoperate with version 1 of IKE.
However, it has enough of the header format in common that both
versions can unambiguously share the same UDP port.
Working Group Summary
The IPsec Working Group came to rough consensus on this document.
Protocol Quality
This document was reviewed by Russ Housley for the IESG.
RFC Editor Note
The last paragraph of section 2 includes a typo. Please change
"rather then" to "rather than."
OLD:
... Use of the "Hash and URL" formats rather
then including certificates in exchanges where possible can avoid
most problems. ...
NEW:
... Use of the "Hash and URL" formats rather
than including certificates in exchanges where possible can avoid
most problems. ...