Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2
RFC 6631, “Password Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2”, is an Experimental document published in June 2012 by D. Kuegler, Y. Sheffer. The canonical text is published by the RFC Editor.
Abstract
The Internet Key Exchange protocol version 2 (IKEv2) does not allow secure peer authentication when using short credential strings, i.e., passwords. Several proposals have been made to integrate password-authentication protocols into IKE. This document provides an adaptation of Password Authenticated Connection Establishment (PACE) to the setting of IKEv2 and demonstrates the advantages of this integration. This document defines an Experimental Protocol for the Internet community.
What “Experimental” means
Describes a specification that is part of a research or development effort, published so the community can gain experience with it.
The canonical text of RFC 6631 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6630 EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying
- RFC 6632 An Overview of the IETF Network Management Standards
- RFC 6629 Considerations on the Application of the Level 3 Multihoming Shim Protocol for IPv6
- RFC 6633 Deprecation of ICMP Source Quench Messages
- RFC 6628 Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2
- RFC 6627 Overview of Pre-Congestion Notification Encoding
- RFC 6635 RFC Editor Model
- RFC 6626 Dynamic Prefix Allocation for Network Mobility for Mobile IPv4