[Swan-dev] Fwd: [IPsec] RFC 9370 on Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2 (IKEv2)

Paul Wouters paul at nohats.ca
Mon May 22 23:34:48 EEST 2023

Now we just need a student of sone sort to work on this 😀
(And we should add it to the RFC list on our wiki)

Sent using a virtual keyboard on a phone

Begin forwarded message:

> From: rfc-editor at rfc-editor.org
> Date: May 22, 2023 at 16:31:31 EDT
> To: ietf-announce at ietf.org, rfc-dist at rfc-editor.org
> Cc: rfc-editor at rfc-editor.org, drafts-update-ref at iana.org, ipsec at ietf.org
> Subject: [IPsec] RFC 9370 on Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2 (IKEv2)
> A new Request for Comments is now available in online RFC libraries.
>        RFC 9370
>        Title:      Multiple Key Exchanges in the 
>                    Internet Key Exchange Protocol Version 2 (IKEv2) 
>        Author:     CJ. Tjhai,
>                    M. Tomlinson,
>                    G. Bartlett,
>                    S. Fluhrer,
>                    D. Van Geest,
>                    O. Garcia-Morchon,
>                    V. Smyslov
>        Status:     Standards Track
>        Stream:     IETF
>        Date:       May 2023
>        Mailbox:    cjt at post-quantum.com,
>                    mt at post-quantum.com,
>                    graham.ietf at gmail.com,
>                    sfluhrer at cisco.com,
>                    daniel.vangeest.ietf at gmail.com,
>                    oscar.garcia-morchon at philips.com,
>                    svan at elvis.ru
>        Pages:      29
>        Updates:    RFC 7296
>        I-D Tag:    draft-ietf-ipsecme-ikev2-multiple-ke-12.txt
>        URL:        https://www.rfc-editor.org/info/rfc9370
>        DOI:        10.17487/RFC9370
> This document describes how to extend the Internet Key Exchange
> Protocol Version 2 (IKEv2) to allow multiple key exchanges to take
> place while computing a shared secret during a Security Association
> (SA) setup.
> This document utilizes the IKE_INTERMEDIATE exchange, where multiple
> key exchanges are performed when an IKE SA is being established.  It
> also introduces a new IKEv2 exchange, IKE_FOLLOWUP_KE, which is used
> for the same purpose when the IKE SA is being rekeyed or is creating
> additional Child SAs.
> This document updates RFC 7296 by renaming a Transform Type 4 from
> "Diffie-Hellman Group (D-H)" to "Key Exchange Method (KE)" and
> renaming a field in the Key Exchange Payload from "Diffie-Hellman
> Group Num" to "Key Exchange Method".  It also renames an IANA
> registry for this Transform Type from "Transform Type 4 - Diffie-
> Hellman Group Transform IDs" to "Transform Type 4 - Key Exchange
> Method Transform IDs".  These changes generalize key exchange
> algorithms that can be used in IKEv2.
> This document is a product of the IP Security Maintenance and Extensions Working Group of the IETF.
> This is now a Proposed Standard.
> STANDARDS TRACK: This document specifies an Internet Standards Track
> protocol for the Internet community, and requests discussion and suggestions
> for improvements.  Please refer to the current edition of the Official
> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the 
> standardization state and status of this protocol.  Distribution of this 
> memo is unlimited.
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>  https://www.ietf.org/mailman/listinfo/ietf-announce
>  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
> The RFC Editor Team
> Association Management Solutions, LLC
> _______________________________________________
> IPsec mailing list
> IPsec at ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20230522/7726c5f3/attachment.htm>

More information about the Swan-dev mailing list