Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
IPsec
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Further reading== ===Standards track=== * {{IETF RFC|1829|link=no}}: The ESP DES-CBC Transform * {{IETF RFC|2403|link=no}}: The Use of HMAC-MD5-96 within ESP and AH * {{IETF RFC|2404|link=no}}: The Use of HMAC-SHA-1-96 within ESP and AH * {{IETF RFC|2405|link=no}}: The ESP DES-CBC Cipher Algorithm With Explicit IV * {{IETF RFC|2410|link=no}}: The NULL Encryption Algorithm and Its Use With IPsec * {{IETF RFC|2451|link=no}}: The ESP CBC-Mode Cipher Algorithms * {{IETF RFC|2857|link=no}}: The Use of HMAC-RIPEMD-160-96 within ESP and AH * {{IETF RFC|3526|link=no}}: More Modular Exponential (MODP) [[Diffie–Hellman key exchange|Diffie-Hellman]] groups for Internet Key Exchange (IKE) * {{IETF RFC|3602|link=no}}: The [[AES-CBC]] Cipher Algorithm and Its Use with IPsec * {{IETF RFC|3686|link=no}}: Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) * {{IETF RFC|3947|link=no}}: Negotiation of NAT-Traversal in the IKE * {{IETF RFC|3948|link=no}}: UDP Encapsulation of IPsec ESP Packets * {{IETF RFC|4106|link=no}}: The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP) * {{IETF RFC|4301|link=no}}: Security Architecture for the Internet Protocol * {{IETF RFC|4302|link=no}}: IP Authentication Header * {{IETF RFC|4303|link=no}}: IP Encapsulating Security Payload * {{IETF RFC|4304|link=no}}: Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP) * {{IETF RFC|4307|link=no}}: Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 ([[IKEv2]]) * {{IETF RFC|4308|link=no}}: Cryptographic Suites for IPsec * {{IETF RFC|4309|link=no}}: Using [[Advanced Encryption Standard]] (AES) [[CCM mode]] with IPsec Encapsulating Security Payload (ESP) * {{IETF RFC|4543|link=no}}: The Use of [[Galois Message Authentication Code]] (GMAC) in IPsec ESP and AH * {{IETF RFC|4555|link=no}}: IKEv2 Mobility and Multihoming Protocol (MOBIKE) * {{IETF RFC|4806|link=no}}: Online Certificate Status Protocol (OCSP) Extensions to IKEv2 * {{IETF RFC|4868|link=no}}: Using [[HMAC-SHA-256]], HMAC-SHA-384, and HMAC-SHA-512 with IPsec * {{IETF RFC|4945|link=no}}: The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX * {{IETF RFC|5280|link=no}}: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile * {{IETF RFC|5282|link=no}}: Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol * {{IETF RFC|5386|link=no}}: Better-Than-Nothing Security: An Unauthenticated Mode of IPsec * {{IETF RFC|5529|link=no}}: Modes of Operation for [[Camellia (cipher)|Camellia]] for Use with IPsec * {{IETF RFC|5685|link=no}}: Redirect Mechanism for the Internet Key Exchange Protocol Version 2 (IKEv2) * {{IETF RFC|5723|link=no}}: Internet Key Exchange Protocol Version 2 (IKEv2) Session Resumption * {{IETF RFC|5857|link=no}}: IKEv2 Extensions to Support Robust Header Compression over IPsec * {{IETF RFC|5858|link=no}}: IPsec Extensions to Support Robust Header Compression over IPsec * {{IETF RFC|7296|link=no}}: Internet Key Exchange Protocol Version 2 (IKEv2) * {{IETF RFC|7321|link=no}}: Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH) * {{IETF RFC|7383|link=no}}: Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation * {{IETF RFC|7427|link=no}}: Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) * {{IETF RFC|7634|link=no}}: ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec ===Experimental RFCs=== * {{IETF RFC|4478|link=no}}: Repeated Authentication in Internet Key Exchange (IKEv2) Protocol ===Informational RFCs=== * {{IETF RFC|2367|link=no}}: PF_KEY Interface * {{IETF RFC|2412|link=no}}: The OAKLEY Key Determination Protocol * {{IETF RFC|3706|link=no}}: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers * {{IETF RFC|3715|link=no}}: IPsec-Network Address Translation (NAT) Compatibility Requirements * {{IETF RFC|4621|link=no}}: Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol * {{IETF RFC|4809|link=no}}: Requirements for an IPsec Certificate Management Profile * {{IETF RFC|5387|link=no}}: Problem and Applicability Statement for Better-Than-Nothing Security (BTNS) * {{IETF RFC|5856|link=no}}: Integration of Robust Header Compression over IPsec Security Associations * {{IETF RFC|5930|link=no}}: Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol * {{IETF RFC|6027|link=no}}: IPsec Cluster Problem Statement * {{IETF RFC|6071|link=no}}: IPsec and IKE Document Roadmap * {{IETF RFC|6379|link=no}}: [[Suite B]] Cryptographic Suites for IPsec * {{IETF RFC|6380|link=no}}: Suite B Profile for Internet Protocol Security (IPsec) * {{IETF RFC|6467|link=no}}: Secure Password Framework for Internet Key Exchange Version 2 (IKEv2) ===Best current practice RFCs=== * {{IETF RFC|5406|link=no}}: Guidelines for Specifying the Use of IPsec Version 2 ===Obsolete/historic RFCs=== * {{IETF RFC|1825|link=no}}: Security Architecture for the Internet Protocol (obsoleted by RFC 2401) * {{IETF RFC|1826|link=no}}: IP Authentication Header (obsoleted by RFC 2402) * {{IETF RFC|1827|link=no}}: IP Encapsulating Security Payload (ESP) (obsoleted by RFC 2406) * {{IETF RFC|1828|link=no}}: IP Authentication using Keyed [[MD5]] (historic) * {{IETF RFC|2401|link=no}}: Security Architecture for the Internet Protocol (IPsec overview) (obsoleted by RFC 4301) * {{IETF RFC|2406|link=no}}: IP Encapsulating Security Payload (ESP) (obsoleted by RFC 4303 and RFC 4305) * {{IETF RFC|2407|link=no}}: The Internet IP Security Domain of Interpretation for ISAKMP (obsoleted by RFC 4306) * {{IETF RFC|2409|link=no}}: The Internet Key Exchange (obsoleted by RFC 4306) * {{IETF RFC|4305|link=no}}: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) (obsoleted by RFC 4835) * {{IETF RFC|4306|link=no}}: Internet Key Exchange (IKEv2) Protocol (obsoleted by RFC 5996) * {{IETF RFC|4718|link=no}}: IKEv2 Clarifications and Implementation Guidelines (obsoleted by RFC 7296) * {{IETF RFC|4835|link=no}}: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) (obsoleted by RFC 7321) * {{IETF RFC|5996|link=no}}: Internet Key Exchange Protocol Version 2 (IKEv2) (obsoleted by RFC 7296)
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)