Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
RFC 4868

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Using HMAC-SHA-256, HMAC-SHA-384, and 
         HMAC-SHA-512 With IPsec' to Proposed Standard 

The IESG has approved the following document:

- 'Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 With IPsec '
   <draft-kelly-ipsec-ciph-sha2-02.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Russ Housley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-kelly-ipsec-ciph-sha2-02.txt

Technical Summary

  This specification describes the use of HMAC in conjunction with the
  SHA-256, SHA-384, and SHA-512 algorithms in IPsec.  These algorithms
  may be used as the basis for data origin authentication and integrity
  verification mechanisms for the AH, ESP, IKEv1 and IKEv2 protocols,
  and also as Pseudo-Random Functions (PRFs) for IKEv1 and IKEv2.
  Truncated output lengths are specified for the authentication-related
  variants.  The PRF variants are not truncated.

Working Group Summary

  This document is not the result of any IETF Working Group, but there
  has been some discussion of the document on the IPsec mail list.

Protocol Quality

  This document was reviewed by Russ Housley for the IESG.

Note to RFC Editor

  Please change the status of the [SHA2-2] reference.  This should
  be an informative reference, not a normative reference.

  The PRF using SHA-256 is referred to as "HMAC-SHA-PRF-256" and
  "HMAC-SHA-256-PRF" and "PRF_HMAC_SHA2_256" in various places
  in the document.  Please refer to it as "PRF-HMAC-SHA-256"
  everywhere.

  The PRF using SHA-384 is referred to as "HMAC-SHA-PRF-384" and
  "HMAC-SHA-384-PRF" and "PRF_HMAC_SHA2_384" in various places
  in the document.  Please refer to it as "PRF-HMAC-SHA-384"
  everywhere.

  The PRF using SHA-512 is referred to as "HMAC-SHA-PRF-512" and
  "HMAC-SHA-512-PRF" and "PRF_HMAC_SHA2_512" in various places
  in the document.  Please refer to it as "PRF-HMAC-SHA-512"
  everywhere.