[Swan-dev] Fwd: [IPsec] RFC 9370 on Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2 (IKEv2)
Paul Wouters
paul at nohats.ca
Mon May 22 23:34:48 EEST 2023
Now we just need a student of sone sort to work on this 😀
(And we should add it to the RFC list on our wiki)
Sent using a virtual keyboard on a phone
Begin forwarded message:
> From: rfc-editor at rfc-editor.org
> Date: May 22, 2023 at 16:31:31 EDT
> To: ietf-announce at ietf.org, rfc-dist at rfc-editor.org
> Cc: rfc-editor at rfc-editor.org, drafts-update-ref at iana.org, ipsec at ietf.org
> Subject: [IPsec] RFC 9370 on Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2 (IKEv2)
>
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 9370
>
> Title: Multiple Key Exchanges in the
> Internet Key Exchange Protocol Version 2 (IKEv2)
> Author: CJ. Tjhai,
> M. Tomlinson,
> G. Bartlett,
> S. Fluhrer,
> D. Van Geest,
> O. Garcia-Morchon,
> V. Smyslov
> Status: Standards Track
> Stream: IETF
> Date: May 2023
> Mailbox: cjt at post-quantum.com,
> mt at post-quantum.com,
> graham.ietf at gmail.com,
> sfluhrer at cisco.com,
> daniel.vangeest.ietf at gmail.com,
> oscar.garcia-morchon at philips.com,
> svan at elvis.ru
> Pages: 29
> Updates: RFC 7296
>
> I-D Tag: draft-ietf-ipsecme-ikev2-multiple-ke-12.txt
>
> URL: https://www.rfc-editor.org/info/rfc9370
>
> DOI: 10.17487/RFC9370
>
> This document describes how to extend the Internet Key Exchange
> Protocol Version 2 (IKEv2) to allow multiple key exchanges to take
> place while computing a shared secret during a Security Association
> (SA) setup.
>
> This document utilizes the IKE_INTERMEDIATE exchange, where multiple
> key exchanges are performed when an IKE SA is being established. It
> also introduces a new IKEv2 exchange, IKE_FOLLOWUP_KE, which is used
> for the same purpose when the IKE SA is being rekeyed or is creating
> additional Child SAs.
>
> This document updates RFC 7296 by renaming a Transform Type 4 from
> "Diffie-Hellman Group (D-H)" to "Key Exchange Method (KE)" and
> renaming a field in the Key Exchange Payload from "Diffie-Hellman
> Group Num" to "Key Exchange Method". It also renames an IANA
> registry for this Transform Type from "Transform Type 4 - Diffie-
> Hellman Group Transform IDs" to "Transform Type 4 - Key Exchange
> Method Transform IDs". These changes generalize key exchange
> algorithms that can be used in IKEv2.
>
> This document is a product of the IP Security Maintenance and Extensions Working Group of the IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet Standards Track
> protocol for the Internet community, and requests discussion and suggestions
> for improvements. Please refer to the current edition of the Official
> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
> standardization state and status of this protocol. Distribution of this
> memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
> https://www.ietf.org/mailman/listinfo/ietf-announce
> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor at rfc-editor.org. Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
> _______________________________________________
> IPsec mailing list
> IPsec at ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20230522/7726c5f3/attachment.htm>
More information about the Swan-dev
mailing list