Internet Key Exchange (IKEv2) Protocol
RFC 4306
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Proposed Standard (December 2005; Errata); Obsoleted by RFC 5996; Updated by RFC 5282 |
| | Author | Charlie Kaufman |
| | Last updated | 2020-01-21 |
| | Stream | IETF |
| | Formats | plain text, html, pdf, htmlized with errata, bibtex |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 4306 (Proposed Standard) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | Russ Housley |
| | Send notices to | (None) |
Network Working Group
Request for Comments: 4306
Obsoletes: 2407, 2408, 2409
Category: Standards Track

C. Kaufman, Ed.
Microsoft
December 2005

Internet Key Exchange (IKEv2) Protocol

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2005).

Abstract

This document describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining security associations (SAs). This version of the IKE specification combines the contents of what were previously separate documents, including Internet Security Association and Key Management Protocol (ISAKMP, RFC 2408), IKE (RFC 2409), the Internet Domain of Interpretation (DOI, RFC 2407), Network Address Translation (NAT) Traversal, Legacy authentication, and remote address acquisition.

Version 2 of IKE does not interoperate with version 1, but it has enough of the header format in common that both versions can unambiguously run over the same UDP port.

Kaufman Standards Track [Page 1]

RFC 4306 IKEv2 December 2005

Table of Contents

1. Introduction ... 3
1.1. Usage Scenarios ... 5
1.2. The Initial Exchanges ... 7
1.3. The CREATE_CHILD_SA Exchange ... 9
1.4. The INFORMATIONAL Exchange ... 11
1.5. Informational Messages outside of an IKE_SA ... 12
2. IKE Protocol Details and Variations ... 12
2.1. Use of Retransmission Timers ... 13
2.2. Use of Sequence Numbers for Message ID ... 14
2.3. Window Size for Overlapping Requests ... 14
2.4. State Synchronization and Connection Timeouts ... 15
2.5. Version Numbers and Forward Compatibility ... 17
2.6. Cookies ... 18
2.7. Cryptographic Algorithm Negotiation ... 21
2.8. Rekeying ... 22
2.9. Traffic Selector Negotiation ... 24
2.10. Nonces ... 26
2.11. Address and Port Agility ... 26
2.12. Reuse of Diffie-Hellman Exponentials ... 27
2.13. Generating Keying Material ... 27
2.14. Generating Keying Material for the IKE_SA ... 28
2.15. Authentication of the IKE_SA ... 29
2.16. Extensible Authentication Protocol Methods ... 31
2.17. Generating Keying Material for CHILD_SAs ... 33
2.18. Rekeying IKE_SAs Using a CREATE_CHILD_SA exchange ... 34
2.19. Requesting an Internal Address on a Remote Network ... 34
2.20. Requesting the Peer's Version ... 35
2.21. Error Handling ... 36
2.22. IPComp ... 37
2.23. NAT Traversal ... 38
2.24. Explicit Congestion Notification (ECN) ... 40
3. Header and Payload Formats ... 41
3.1. The IKE Header ... 41
3.2. Generic Payload Header ... 44
3.3. Security Association Payload ... 46
3.4. Key Exchange Payload ... 56
3.5. Identification Payloads ... 56
3.6. Certificate Payload ... 59
3.7. Certificate Request Payload ... 61
3.8. Authentication Payload ... 63
3.9. Nonce Payload ... 64
3.10. Notify Payload ... 64
3.11. Delete Payload ... 72
3.12. Vendor ID Payload ... 73
3.13. Traffic Selector Payload ... 74