diff --git a/draft-ietf-ipsecme-rfc4307bis b/draft-ietf-ipsecme-rfc4307bis index fcc2cfe..b667636 100644 --- a/draft-ietf-ipsecme-rfc4307bis +++ b/draft-ietf-ipsecme-rfc4307bis @@ -144,7 +144,8 @@
-
+ +
The algorithms in the below table are negotiated in the SA payload and used in the ENCR payload. References to the specifications defining these algorithms and the ones in the following subsections are in the IANA registry . Some of these algorithms are Authenticated Encryption with @@ -192,7 +193,36 @@ efficient alternative to AES. ENCR_DES is known to be insecure and so MUST NOT be implemented.
-
+ + +
+ Transform Type 2 Algorithms are pseudo-random functions used to generate random values when needed. + + Name + Status + PRF_HMAC_SHA2_256MUST + PRF_HMAC_SHA2_512SHOULD+ + PRF_HMAC_SHA1MUST- + PRF_AES128_CBCSHOULD + + PRF_HMAC_SHA2_256 was not mentioned in RFC4307, as no SHA2 based authentication was mentioned. + PRF_HMAC_SHA2_256 MUST be implemented in order to replace SHA1 and PRF_HMAC_SHA1. + PRF_HMAC_SHA2_512 SHOULD be implemented as as a future replacement of SHA2_256 or when stronger + security is required. This value has been preferred to PRF_HMAC_SHA2_384, as the overhead of + PRF_HMAC_SHA2_512 is negligible. + PRF_HMAC_SHA1_96 has been downgraded from MUST in RFC4307. + There is an industry-wide trend to deprecate its usage. + PRF_AES128_CBC has been downgraded from SHOULD in RFC4307 as it is not being deployed. + In order to provide compatibility between IKEv2 implementations, this document would not + envision to downgrade any further to a MAY for example. On the other hand, this document + considers new cases outside the VPN cases to keep it to a SHOULD status. This + document considers it SHOULD be implemented + in order to be able to interact with Internet of Things devices. Internet of Things might use + AES based pseudo-random function in order to avoid implementing SHA2, and use their implementation + of AES. As this case is not a general use case for VPNs, its status is expected to remain a SHOULD. +
+ +
The algorithms in the below table are negotiated in the SA payload and used in the ENCR payload. References to the specifications defining these algorithms are in the IANA registry. When an AEAD algorithm (see ) is used, no algorithm from this table needs to be used. @@ -202,7 +232,7 @@ AUTH_HMAC_SHA2_256_128MUST AUTH_HMAC_SHA2_512_256SHOULD+ AUTH_HMAC_SHA1_96MUST- - AUTH_AES_XCBC_96MAY + AUTH_AES_XCBC_96SHOULD AUTH_HMAC_SHA2_256_128 was not mentioned in RFC4307, as no SHA2 based authentication was mentioned. AUTH_HMAC_SHA2_256_128 MUST be implemented in order to replace SHA1 and AUTH_HMAC_SHA1_96. @@ -211,28 +241,13 @@ AUTH_HMAC_SHA2_512 is negligible. AUTH_HMAC_SHA1_96 has been downgraded from MUST in RFC4307. There is an industry-wide trend to deprecate its usage. - AUTH_AES-XCBC has been downgraded from SHOULD in RFC4307 as it is not widely deployed. -
-
- Transform Type 2 Algorithms are pseudo-random functions used to generate random values when needed. - - Name - Status - PRF_HMAC_SHA2_256MUST - PRF_HMAC_SHA2_512SHOULD+ - PRF_HMAC_SHA1MUST- - PRF_AES128_CBCMAY - - PRF_HMAC_SHA2_256 was not mentioned in RFC4307, as no SHA2 based authentication was mentioned. - PRF_HMAC_SHA2_256 MUST be implemented in order to replace SHA1 and PRF_HMAC_SHA1. - PRF_HMAC_SHA2_512 SHOULD be implemented as as a future replacement of SHA2_256 or when stronger - security is required. This value has been preferred to PRF_HMAC_SHA2_384, as the overhead of - PRF_HMAC_SHA2_512 is negligible. - PRF_HMAC_SHA1_96 has been downgraded from MUST in RFC4307. - There is an industry-wide trend to deprecate its usage. - PRF_AES128_CBC has been downgraded from SHOULD in RFC4307 as it is not being deployed. + AUTH_AES-XCBC has been kept as SHOULD in RFC4307. This document considers it SHOULD be implemented + in order to be able to interact with Internet of Things devices. Internet of Things might use + AES based pseudo-random function in order to avoid implementing SHA2, and use their implementation + of AES. As this case is not a general use case for VPNs, its status is expected to remain a SHOULD.
-
+ +
There are several Modular Exponential (MODP) groups and several Elliptic Curve groups (ECC) that are defined for use in IKEv2. They are defined in both the [IKEv2] base document and in extensions documents. They are identified by group number.