The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2)

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    ipsecme mailing list <>,
    ipsecme chair <>
Subject: Protocol Action: 'The NULL Authentication Method in IKEv2 Protocol' to Proposed Standard (draft-ietf-ipsecme-ikev2-null-auth-07.txt)

The IESG has approved the following document:
- 'The NULL Authentication Method in IKEv2 Protocol'
  (draft-ietf-ipsecme-ikev2-null-auth-07.txt) as Proposed Standard

This document is the product of the IP Security Maintenance and
Extensions Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:

Technical Summary

This document defines a new authentication mechanism for IKEv2, appropriately called "NULL". The
NULL mechanism allows two IKE peers to establish either single-side or mutual authentication for
those use cases where a peer is unwilling or unable to authenticate or identify itself. This is
useful for using IPsec with opportunistic security without the need to sacrifice anonymity. The
document also defines a new identification type, ID_NULL.

Working Group Summary

   The working group had a fair amount of review of this draft
   and the draft has consensus.  In my AD review, I requested
   changes to explicitly state that the draft Updates RFC4301.
   After discussion and agreement, this change was included.

Document Quality

   There are at least 2 interoperable implementations 
   - ELVIS-PLUS and libreswan.


   The Document Shepherd is Paul Hoffman and the 
   Responsible Area Director is Kathleen Moriarty.