The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: RFC Editor <firstname.lastname@example.org>, ipsecme mailing list <email@example.com>, ipsecme chair <firstname.lastname@example.org>
Subject: Protocol Action: 'The NULL Authentication Method in IKEv2 Protocol' to Proposed Standard (draft-ietf-ipsecme-ikev2-null-auth-07.txt)

The IESG has approved the following document:
- 'The NULL Authentication Method in IKEv2 Protocol'
  (draft-ietf-ipsecme-ikev2-null-auth-07.txt) as Proposed Standard

This document is the product of the IP Security Maintenance and Extensions Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-null-auth/

Technical Summary

This document defines a new authentication mechanism for IKEv2, appropriately called "NULL". The NULL mechanism allows two IKE peers to establish either single-side or mutual authentication for those use cases where a peer is unwilling or unable to authenticate or identify itself. This is useful for using IPsec with opportunistic security without the need to sacrifice anonymity. The document also defines a new identification type, ID_NULL.

Working Group Summary

The working group had a fair amount of review of this draft and the draft has consensus. In my AD review, I requested changes to explicitly state that the draft Updates RFC4301. After discussion and agreement, this change was included.

Document Quality

There are at least 2 interoperable implementations - ELVIS-PLUS and libreswan.

Personnel

The Document Shepherd is Paul Hoffman and the Responsible Area Director is Kathleen Moriarty.