Technical Summary
This document defines a new authentication mechanism for IKEv2, appropriately called "NULL". The
NULL mechanism allows two IKE peers to establish either single-side or mutual authentication for
those use cases where a peer is unwilling or unable to authenticate or identify itself. This is
useful for using IPsec with opportunistic security without the need to sacrifice anonymity. The
document also defines a new identification type, ID_NULL.
Working Group Summary
The working group had a fair amount of review of this draft
and the draft has consensus. In my AD review, I requested
changes to explicitly state that the draft Updates RFC4301.
After discussion and agreement, this change was included.
Document Quality
There are at least 2 interoperable implementations
- ELVIS-PLUS and libreswan.
Personnel
The Document Shepherd is Paul Hoffman and the
Responsible Area Director is Kathleen Moriarty.