1. Clear description of the referenced document:

2. Status of approval:
Approved Mar 2017

3. Justification for the specific reference:
Essential to applying the method of using encryption with associated mask data (EAMD) in the Recommendation.

4. Current information, if any, about IPR issues:
None

5. Other useful information describing the "Quality" of the document:
None

6. The degree of stability or maturity of the document:
RFC 7296 is a standards-track document and obsoletes RFC 5996.

7. Relationship with other existing or emerging documents:
Extensively referenced, including X.1362.

8. Any explicit references within that referenced document should also be listed:
[ADDGROUP] Kivinen, T. and M. Kojo, "More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)", RFC 3526, May 2003, http://www.rfc-editor.org/info/rfc3526.
[ADDRIPV6] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006, http://www.rfc-editor.org/info/rfc4291.
[AEAD] Black, D. and D. McGrew, "Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol", RFC 5282, August 2008, http://www.rfc-editor.org/info/rfc5282.
[AESCMACPRF128] Song, J., Poovendran, R., Lee, J., and T. Iwata, "The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE)", RFC 4615, August 2006, http://www.rfc-editor.org/info/rfc4615.
[AESXCBCPRF128] Hoffman, P., "The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)", RFC 4434, February 2006, http://www.rfc-editor.org/info/rfc4434.
[EAP] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, "Extensible Authentication Protocol (EAP)", RFC 3748, June 2004, http://www.rfc-editor.org/info/rfc3748.
[ECN] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001, http://www.rfc-editor.org/info/rfc3168.
[ESPCBC] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher Algorithms", RFC 2451, November 1998, http://www.rfc-editor.org/info/rfc2451.
[IKEV2IANA] IANA, "Internet Key Exchange Version 2 (IKEv2) Parameters", http://www.iana.org/assignments/ikev2-parameters/.
[IPSECARCH] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, December 2005, http://www.rfc-editor.org/info/rfc4301.
[MUSTSHOULD] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, http://www.rfc-editor.org/info/rfc2119.
[PKCS1] Jonsson, J. and B. Kaliski, "Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1", RFC 3447, February 2003, http://www.rfc-editor.org/info/rfc3447.
[PKIX] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, May 2008, http://www.rfc-editor.org/info/rfc5280.
[RFC4307] Schiller, J., "Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)", RFC 4307, December 2005, http://www.rfc-editor.org/info/rfc4307.
[UDPENCAPS] Huttunen, A., Swander, B., Volpe, V., DiBurro, L., and M. Stenberg, "UDP Encapsulation of IPsec ESP Packets", RFC 3948, January 2005, http://www.rfc-editor.org/info/rfc3948.
[URLS] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005, http://www.rfc-editor.org/info/rfc3986.
[AH] Kent, S., "IP Authentication Header", RFC 4302, December 2005, http://www.rfc-editor.org/info/rfc4302.
[ARCHGUIDEPHIL] Bush, R. and D. Meyer, "Some Internet Architectural Guidelines and Philosophy", RFC 3439, December 2002, http://www.rfc-editor.org/info/rfc3439.
[ARCHPRINC] Carpenter, B., "Architectural Principles of the Internet", RFC 1958, June 1996, http://www.rfc-editor.org/info/rfc1958.
[Clarif] Eronen, P. and P. Hoffman, "IKEv2 Clarifications and Implementation Guidelines", RFC 4718, October 2006, http://www.rfc-editor.org/info/rfc4718.
[DES] American National Standards Institute, "American National Standard for Information Systems-Data Link Encryption", ANSI X3.106, 1983.
[DH] Diffie, W. and M. Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, V.IT-22 n. 6, June 1977.
[DIFFSERVARCH] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", RFC 2475, December 1998, http://www.rfc-editor.org/info/rfc2475.
[DIFFSERVFIELD] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, December 1998, http://www.rfc-editor.org/info/rfc2474.
[DIFFTUNNEL] Black, D., "Differentiated Services and Tunnels", RFC 2983, October 2000, http://www.rfc-editor.org/info/rfc2983.
[DOI] Piper, D., "The Internet IP Security Domain of Interpretation for ISAKMP", RFC 2407, November 1998, http://www.rfc-editor.org/info/rfc2407.
[DOSUDPPROT] Kaufman, C., Perlman, R., and B. Sommerfeld, "DoS protection for UDP-based protocols", ACM Conference on Computer and Communications Security, October 2003.
[DSS] National Institute of Standards and Technology, U.S. Department of Commerce, "Digital Signature Standard (DSS)", FIPS 186-4, July 2013, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf.
[EAI] Yang, A., Steele, S., and N. Freed, "Internationalized Email Headers", RFC 6532, February 2012, http://www.rfc-editor.org/info/rfc6532.
[EAP-IANA] IANA, "Extensible Authentication Protocol (EAP) Registry: Method Types", http://www.iana.org/assignments/eap-eke/.
[EAPMITM] Asokan, N., Niemi, V., and K. Nyberg, "Man-in-the-Middle in Tunneled Authentication Protocols", November 2002, http://eprint.iacr.org/2002/163.
[ESP] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005, http://www.rfc-editor.org/info/rfc4303.
[EXCHANGEANALYSIS] Perlman, R. and C. Kaufman, "Analysis of the IPsec key exchange Standard", WET-ICE Security Conference, MIT, 2001, http://www.computer.org/csdl/proceedings/wetice/2001/1269/00/12690150.pdf.
[FIPS.180-4.2012] National Institute of Standards and Technology, U.S. Department of Commerce, "Secure Hash Standard (SHS)", FIPS 180-4, March 2012, http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf.
[H2HIPSEC] Aura, T., Roe, M., and A. Mohammed, "Experiences with Host-to-Host IPsec", 13th International Workshop on Security Protocols, Cambridge, UK, April 2005.
[HMAC] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997, http://www.rfc-editor.org/info/rfc2104.
[IDEA] Lai, X., "On the Design and Security of Block Ciphers", ETH Series in Information Processing, v. 1, Konstanz: Hartung-Gorre Verlag, 1992.
[IDNA] Klensin, J., "Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework", RFC 5890, August 2010, http://www.rfc-editor.org/info/rfc5890.
[IKEV1] Harkins, D. and D. Carrel, "The Internet Key Exchange (IKE)", RFC 2409, November 1998, http://www.rfc-editor.org/info/rfc2409.
[IKEV2] Kaufman, C., "Internet Key Exchange (IKEv2) Protocol", RFC 4306, December 2005, http://www.rfc-editor.org/info/rfc4306.
[IP] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981, http://www.rfc-editor.org/info/rfc791.
[IP-COMP] Shacham, A., Monsour, B., Pereira, R., and M. Thomas, "IP Payload Compression Protocol (IPComp)", RFC 3173, September 2001, http://www.rfc-editor.org/info/rfc3173.
[IPSECARCH-OLD] Kent, S. and R. Atkinson, "Security Architecture for the Internet Protocol", RFC 2401, November 1998, http://www.rfc-editor.org/info/rfc2401.
[IPV6CONFIG] Eronen, P., Laganier, J., and C. Madson, "IPv6 Configuration in Internet Key Exchange Protocol Version 2 (IKEv2)", RFC 5739, February 2010, http://www.rfc-editor.org/info/rfc5739.
[ISAKMP] Maughan, D., Schneider, M., and M. Schertler, "Internet Security Association and Key Management Protocol (ISAKMP)", RFC 2408, November 1998, http://www.rfc-editor.org/info/rfc2408.
[MAILFORMAT] Resnick, P., Ed., "Internet Message Format", RFC 5322, October 2008, http://www.rfc-editor.org/info/rfc5322.
[MD5] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April 1992, http://www.rfc-editor.org/info/rfc1321.
[MIPV6] Perkins, C., Johnson, D., and J. Arkko, "Mobility Support in IPv6", RFC 6275, July 2011, http://www.rfc-editor.org/info/rfc6275.
[MLDV2] Vida, R. and L. Costa, "Multicast Listener Discovery Version 2 (MLDv2) for IPv6", RFC 3810, June 2004, http://www.rfc-editor.org/info/rfc3810.
[MOBIKE] Eronen, P., "IKEv2 Mobility and Multihoming Protocol (MOBIKE)", RFC 4555, June 2006, http://www.rfc-editor.org/info/rfc4555.
[MODES] Dworkin, M., "Recommendation for Block Cipher Modes of Operation", National Institute of Standards and Technology, NIST Special Publication 800-38A 2001 Edition, December 2001.
[NAI] Aboba, B., Beadles, M., Arkko, J., and P. Eronen, "The Network Access Identifier", RFC 4282, December 2005, http://www.rfc-editor.org/info/rfc4282.
[NATREQ] Aboba, B. and W. Dixon, "IPsec-Network Address Translation (NAT) Compatibility Requirements", RFC 3715, March 2004, http://www.rfc-editor.org/info/rfc3715.
[OAKLEY] Orman, H., "The OAKLEY Key Determination Protocol", RFC 2412, November 1998, http://www.rfc-editor.org/info/rfc2412.
[PFKEY] McDonald, D., Metz, C., and B. Phan, "PF_KEY Key Management API, Version 2", RFC 2367, July 1998, http://www.rfc-editor.org/info/rfc2367.
[PHOTURIS] Karn, P. and W. Simpson, "Photuris: Session-Key Management Protocol", RFC 2522, March 1999, http://www.rfc-editor.org/info/rfc2522.
[RANDOMNESS] Eastlake 3rd, D., Schiller, J., and S. Crocker, "Randomness Requirements for Security", BCP 106, RFC 4086, June 2005, http://www.rfc-editor.org/info/rfc4086.
[REAUTH] Nir, Y., "Repeated Authentication in Internet Key Exchange (IKEv2) Protocol", RFC 4478, April 2006, http://www.rfc-editor.org/info/rfc4478.
[REUSE] Menezes, A. and B. Ustaoglu, "On Reusing Ephemeral Keys In Diffie-Hellman Key Agreement Protocols", December 2008, http://www.cacr.math.uwaterloo.ca/techreports/2008/cacr2008-24.pdf.
[RFC4945] Korver, B., "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX", RFC 4945, August 2007, http://www.rfc-editor.org/info/rfc4945.
[RFC5996] Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen, "Internet Key Exchange Protocol Version 2 (IKEv2)", RFC 5996, September 2010, http://www.rfc-editor.org/info/rfc5996.
[RFC6989] Sheffer, Y. and S. Fluhrer, "Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2)", RFC 6989, July 2013, http://www.rfc-editor.org/info/rfc6989.
[ROHCV2] Ertekin, E., Christou, C., Jasani, R., Kivinen, T., and C. Bormann, "IKEv2 Extensions to Support Robust Header Compression over IPsec", RFC 5857, May 2010, http://www.rfc-editor.org/info/rfc5857.
[SIGMA] Krawczyk, H., "SIGMA: the 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols", Advances in Cryptography - CRYPTO 2003 Proceedings LNCS 2729, 2003, http://www.informatik.uni-trier.de/~ley/db/conf/crypto/crypto2003.html.
[SKEME] Krawczyk, H., "SKEME: A Versatile Secure Key Exchange Mechanism for Internet", IEEE Proceedings of the 1996 Symposium on Network and Distributed Systems Security, 1996.
[TRANSPARENCY] Carpenter, B., "Internet Transparency", RFC 2775, February 2000, http://www.rfc-editor.org/info/rfc2775.

9. Qualification of ISOC/IETF:
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.

10. Other (for any supplementary information):
None