Internet Key Exchange (IKEv2) Protocol
RFC 4306
| Document | Type |
RFC - Proposed Standard
(December 2005; Errata)
Obsoleted by RFC 5996
Updated by RFC 5282
|
|
|---|---|---|---|
| Last updated | 2020-01-21 | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized with errata bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4306 (Proposed Standard) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Russ Housley | ||
| Send notices to | (None) | ||
Network Working Group C. Kaufman, Ed.
Request for Comments: 4306 Microsoft
Obsoletes: 2407, 2408, 2409 December 2005
Category: Standards Track
Internet Key Exchange (IKEv2) Protocol
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
This document describes version 2 of the Internet Key Exchange (IKE)
protocol. IKE is a component of IPsec used for performing mutual
authentication and establishing and maintaining security associations
(SAs).
This version of the IKE specification combines the contents of what
were previously separate documents, including Internet Security
Association and Key Management Protocol (ISAKMP, RFC 2408), IKE (RFC
2409), the Internet Domain of Interpretation (DOI, RFC 2407), Network
Address Translation (NAT) Traversal, Legacy authentication, and
remote address acquisition.
Version 2 of IKE does not interoperate with version 1, but it has
enough of the header format in common that both versions can
unambiguously run over the same UDP port.
Kaufman Standards Track [Page 1]
RFC 4306 IKEv2 December 2005
Table of Contents
1. Introduction ....................................................3
1.1. Usage Scenarios ............................................5
1.2. The Initial Exchanges ......................................7
1.3. The CREATE_CHILD_SA Exchange ...............................9
1.4. The INFORMATIONAL Exchange ................................11
1.5. Informational Messages outside of an IKE_SA ...............12
2. IKE Protocol Details and Variations ............................12
2.1. Use of Retransmission Timers ..............................13
2.2. Use of Sequence Numbers for Message ID ....................14
2.3. Window Size for Overlapping Requests ......................14
2.4. State Synchronization and Connection Timeouts .............15
2.5. Version Numbers and Forward Compatibility .................17
2.6. Cookies ...................................................18
2.7. Cryptographic Algorithm Negotiation .......................21
2.8. Rekeying ..................................................22
2.9. Traffic Selector Negotiation ..............................24
2.10. Nonces ...................................................26
2.11. Address and Port Agility .................................26
2.12. Reuse of Diffie-Hellman Exponentials .....................27
2.13. Generating Keying Material ...............................27
2.14. Generating Keying Material for the IKE_SA ................28
2.15. Authentication of the IKE_SA .............................29
2.16. Extensible Authentication Protocol Methods ...............31
2.17. Generating Keying Material for CHILD_SAs .................33
2.18. Rekeying IKE_SAs Using a CREATE_CHILD_SA exchange ........34
2.19. Requesting an Internal Address on a Remote Network .......34
2.20. Requesting the Peer's Version ............................35
2.21. Error Handling ...........................................36
2.22. IPComp ...................................................37
2.23. NAT Traversal ............................................38
2.24. Explicit Congestion Notification (ECN) ...................40
3. Header and Payload Formats .....................................41
3.1. The IKE Header ............................................41
3.2. Generic Payload Header ....................................44
3.3. Security Association Payload ..............................46
3.4. Key Exchange Payload ......................................56
3.5. Identification Payloads ...................................56
3.6. Certificate Payload .......................................59
3.7. Certificate Request Payload ...............................61
3.8. Authentication Payload ....................................63
3.9. Nonce Payload .............................................64
3.10. Notify Payload ...........................................64
3.11. Delete Payload ...........................................72
3.12. Vendor ID Payload ........................................73
3.13. Traffic Selector Payload .................................74
Show full document text