Reference document

Org
IETF
Pubnum
RFC 5996
Date
2010
Version
2
Title
Internet Key Exchange Protocol Version 2 (IKEv2)

Applicability

This document describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining Security Associations (SAs). IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. In this document, the term suite or cryptographic suite refers to a complete set of algorithms used to protect an SA. An initiator proposes one or more suites by listing supported algorithms that can be combined into suites in a mix-and-match fashion. IKE can also negotiate use of IP Compression (IPComp) [IP-COMP] in connection with an ESP or AH SA. The SAs for ESP or AH that get set up through that IKE SA we call Child SAs.

Responsible Party

Name
C3B CaP/4

Status

URI
https://www.ietf.org/rfc/rfc5996.txt

History

Flag Date RFC Version
added 1999-01-15 0.1
changed 2000-07-17 0.2
changed 2005-09-23 0.7
changed 2010-10-30 5.0
changed 2017-01-14 9-13 10.0
UUID
4b2fa6f0-27e3-4884-8250-5598660fc3e8