Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2
RFC 8247, “Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2”, is a Proposed Standard document published in September 2017 by Y. Nir, T. Kivinen, P. Wouters, D. Migault. It updates RFC 7296. It obsoletes RFC 4307. It has since been updated by RFC 9395. The canonical text is published by the RFC Editor.
Abstract
The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Internet Key Exchange (IKE) protocol is used to negotiate the IPsec Security Association (IPsec SA) parameters, such as which algorithms should be used. To ensure interoperability between different implementations, it is necessary to specify a set of algorithm implementation requirements and usage guidance to ensure that there is at least one algorithm that all implementations support. This document updates RFC 7296 and obsoletes RFC 4307 in defining the current algorithm implementation requirements and usage guidance for IKEv2, and does minor cleaning up of the IKEv2 IANA registry. This document does not update the algorithms used for packet encryption using IPsec Encapsulating Security Payload (ESP).
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8247 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8246 HTTP Immutable Responses
- RFC 8248 Security Automation and Continuous Monitoring Requirements
- RFC 8245 Rules for Designing Protocols Using the Generalized Packet/Message Format from RFC 5444
- RFC 8249 Transparent Interconnection of Lots of Links : MTU Negotiation
- RFC 8244 Special-Use Domain Names Problem Statement
- RFC 8250 IPv6 Performance and Diagnostic Metrics Destination Option
- RFC 8243 Alternatives for Multilevel Transparent Interconnection of Lots of Links
- RFC 8251 Updates to the Opus Audio Codec