[Front page] [Index]

Requests for Comments

The following RFCs (Request For Comments, working documents of the Internet Engineering Task Force) are supported. The RFC documents are available at www.ietf.org.

• RFC 822 (Standard for the format of ARPA Internet text messages): E-mail address (RFC822 Name) formatting conventions.
• RFC 1981: Path MTU Discovery for IP version 6
• RFC 2003: IP Encapsulation within IP
• RFC 2104: HMAC: Keyed-Hashing for Message Authentication
• RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5
• RFC 2373: IP Version 6 Addressing Architecture
• RFC 2374: An IPv6 Aggregatable Global Unicast Address Format
• RFC 2401: Security Architecture for the Internet Protocol. Note that this document has been obsoleted by RFC 4301.
• RFC 2405: The ESP DES-CBC Cipher Algorithm with Explicit IV
• RFC 2406: IP Encapsulating Security Payload (ESP). Note that this document has been obsoleted by RFC 4303 ("IP Encapsulating Security Payload (ESP)").
• RFC 2407: The Internet IP Security Domain of Interpretation for ISAKMP. Note that this document has been obsoleted by RFC 4306 ("Internet Key Exchange (IKEv2) Protocol").
• RFC 2408: Internet Security Association and Key Management Protocol (ISAKMP). Note that this document has been obsoleted by RFC 4306 ("Internet Key Exchange (IKEv2) Protocol").
• RFC 2409: The Internet Key Exchange (IKE). Note that this document has been obsoleted by RFC 4306 ("Internet Key Exchange (IKEv2) Protocol").
• RFC 2411: IP Security Document Roadmap
• RFC 2412: The OAKLEY Key Determination Protocol
• RFC 2437: PKCS #1: RSA Cryptography Specifications Version 2.0
• RFC 2451: ESP CBC-Mode Cipher Algorithms
• RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
• RFC 2463: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification
• RFC 2464: Transmission of IPv6 Packets over Ethernet Networks
• RFC 2472: IP Version 6 over PPP
• RFC 2510: Internet X.509 Public Key Infrastructure Certificate
• RFC 2661: Layer Two Tunneling Protocol (L2TP)
• RFC 2663: IP Network Address Translator (NAT) Terminology and Considerations
• RFC 3022: Traditional IP Network Address Translator
• RFC 3027: Protocol Complications with the IP Network Address Translator
• RFC 3193: Securing L2TP using IPsec
• RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
• RFC 3526: More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
• RFC 3566: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
• RFC 3602: The AES-CBC Cipher Algorithm and Its Use with IPsec
• RFC 3664: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE). Note that this document has been obsoleted by RFC 4434 ("The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)").
• RFC 3686: Using AES Counter Mode With IPsec ESP
• RFC 3706: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers
• RFC 3748: Extensible Authentication Protocol (EAP)
• RFC 3947: Negotiation of NAT-Traversal in the IKE
• RFC 3948: UDP Encapsulation of IPsec ESP Packets
• RFC 4106: The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)
• RFC 4109: Algorithms for Internet Key Exchange version 1 (IKEv1)
• RFC 4231: Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
• RFC 4301: Security Architecture for the Internet Protocol (excluding policy decorrelation)
• RFC 4303: IP Encapsulating Security Payload (ESP)
• RFC 4304: On Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP)
• RFC 4306: Internet Key Exchange (IKEv2) Protocol. Note that this document has been obsoleted by RFC 5996 ("Internet Key Exchange Protocol (IKEv2)", also known as "IKEv2bis"). Note: This RFC states that in the event that message IDs grow too large to fit in 32 bits, the IKE SA must be closed. This functionality is not currently supported.
• RFC 4307: Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
• RFC 4308: Cryptographic Suites for IPsec Note: This specification has been implemented only partially. Contact INSIDE Secure technical support services for more information.
• RFC 4434: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)
• RFC 4555: IKEv2 Mobility and Multihoming Protocol (MOBIKE)
• RFC 4621: Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol
• RFC 4634: US Secure Hash Algorithms (SHA and HMAC-SHA)
• RFC 4718: IKEv2 Clarifications and Implementation Guidelines
• RFC 4753: ECP Groups for IKE and IKEv2. Note that this document has been obsoleted by RFC 5903.
• RFC 4754: IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA)
• RFC 4787: Network Address Translation (NAT) Behavioral Requirements for Unicast UDP
• RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 With IPsec
• RFC 4869: Suite B Cryptographic Suites for IPsec Note: This specification has been implemented only partially. Contact INSIDE Secure technical support services for more information.
• RFC 5114: Additional Diffie-Hellman Groups for Use with IETF Standards.
• RFC 5282: Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol Note: Only the AES-GCM related sections of this specification have been implemented.
• RFC 5903: Elliptic Curve Groups modulo a Prime (ECP Groups) for IKE and IKEv2
• RFC 5930: Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol
• RFC 5996: Internet Key Exchange Protocol Version 2 (IKEv2) (also known as "IKEv2bis") Note: This RFC states that in the event that message IDs grow too large to fit in 32 bits, the IKE SA must be closed. This functionality is not currently supported.
• RFC 5998: An Extension for EAP-Only Authentication in IKEv2