Internet Key Exchange Version 2 (IKEv2) Parameters (last updated 2010-08-31) Registries included below: - IKEv2 Exchange Types - IKEv2 Payload Types - IKEv2 Transform Types - IKEv2 Transform Attribute Types - IKEv2 Encryption Transform IDs - IKEv2 Pseudo-random Function Transform IDs - IKEv2 Integrity Algorithm Transform IDs - IKEv2 Diffie-Hellman Transform IDs - IKEv2 Extended Sequence Numbers Transform IDs - IKEv2 Identification Payload ID Types - IKEv2 Certificate Encodings - IKEv2 Authentication Method - IKEv2 Notify Message Types - IKEv2 Notification IPCOMP Transform IDs - IKEv2 Security Protocol Identifiers - IKEv2 Traffic Selector Types - IKEv2 Configuration Payload CFG Types - IKEv2 Configuration Payload Attribute Types - IKEv2 Gateway Identity Types - ROHC Attribute Types Registry Name: IKEv2 Exchange Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Exchange Type Reference -------- -------------------------- --------- 0-33 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 34 IKE_SA_INIT [RFC-ietf-ipsecme-ikev2bis-11.txt] 35 IKE_AUTH [RFC-ietf-ipsecme-ikev2bis-11.txt] 36 CREATE_CHILD_SA [RFC-ietf-ipsecme-ikev2bis-11.txt] 37 INFORMATIONAL [RFC-ietf-ipsecme-ikev2bis-11.txt] 38 IKE_SESSION_RESUME [RFC5723] 39-239 Unassigned 240-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Payload Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Next Payload Type Notation Reference -------- ------------------------------- --------- --------- 0 No Next Payload [RFC-ietf-ipsecme-ikev2bis-11.txt] 1-32 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 33 Security Association SA [RFC-ietf-ipsecme-ikev2bis-11.txt] 34 Key Exchange KE [RFC-ietf-ipsecme-ikev2bis-11.txt] 35 Identification - Initiator IDi [RFC-ietf-ipsecme-ikev2bis-11.txt] 36 Identification - Responder IDr [RFC-ietf-ipsecme-ikev2bis-11.txt] 37 Certificate CERT [RFC-ietf-ipsecme-ikev2bis-11.txt] 38 Certificate Request CERTREQ [RFC-ietf-ipsecme-ikev2bis-11.txt] 39 Authentication AUTH [RFC-ietf-ipsecme-ikev2bis-11.txt] 40 Nonce Ni, Nr [RFC-ietf-ipsecme-ikev2bis-11.txt] 41 Notify N [RFC-ietf-ipsecme-ikev2bis-11.txt] 42 Delete D [RFC-ietf-ipsecme-ikev2bis-11.txt] 43 Vendor ID V [RFC-ietf-ipsecme-ikev2bis-11.txt] 44 Traffic Selector - Initiator TSi [RFC-ietf-ipsecme-ikev2bis-11.txt] 45 Traffic Selector - Responder TSr [RFC-ietf-ipsecme-ikev2bis-11.txt] 46 Encrypted and Authenticated SK [RFC-ietf-ipsecme-ikev2bis-11.txt] 47 Configuration CP [RFC-ietf-ipsecme-ikev2bis-11.txt] 48 Extensible Authentication EAP [RFC-ietf-ipsecme-ikev2bis-11.txt] 49-127 Unassigned 128-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type Values Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Transform Type Description Used In Reference -------- ------------------------------- --------------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 Encryption Algorithm (ENCR) (IKE and ESP) [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 Pseudo-random Function (PRF) (IKE) [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 Integrity Algorithm (INTEG) (IKE, AH, optional in ESP) [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 Diffie-Hellman Group (D-H) (IKE, optional in AH & ESP) [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 Extended Sequence Numbers (ESN) (AH and ESP) [RFC-ietf-ipsecme-ikev2bis-11.txt] 6-240 Unassigned 241-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Transform Attribute Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Attribute Type Format Reference ----------- ---------------------------- ------ --------- 0-13 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 14 Key Length (in bits) TV [RFC-ietf-ipsecme-ikev2bis-11.txt] 15-17 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 18-16383 Unassigned 16384-32767 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type 1 - Encryption Algorithm Transform IDs Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Number Name ESP Reference IKEv2 Reference ------------ ------------------------------------- ------------- --------------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] - 1 ENCR_DES_IV64 [RFC1827] - 2 ENCR_DES [RFC2405] [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 ENCR_3DES [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 ENCR_RC5 [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 ENCR_IDEA [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 6 ENCR_CAST [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 7 ENCR_BLOWFISH [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 8 ENCR_3IDEA [RFC2451] [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 ENCR_DES_IV32 [RFC-ietf-ipsecme-ikev2bis-11.txt] - 10 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] - 11 ENCR_NULL [RFC2410] Not allowed 12 ENCR_AES_CBC [RFC3602] [RFC-ietf-ipsecme-ikev2bis-11.txt] 13 ENCR_AES_CTR [RFC3686] [RFC5930] 14 ENCR_AES-CCM_8 [RFC4309] [RFC5282] 15 ENCR-AES-CCM_12 [RFC4309] [RFC5282] 16 ENCR-AES-CCM_16 [RFC4309] [RFC5282] 17 Unassigned 18 AES-GCM with a 8 octet ICV [RFC4106] [RFC5282] 19 AES-GCM with a 12 octet ICV [RFC4106] [RFC5282] 20 AES-GCM with a 16 octet ICV [RFC4106] [RFC5282] 21 ENCR_NULL_AUTH_AES_GMAC [RFC4543] Not allowed 22 Reserved for IEEE P1619 XTS-AES [Ball] - 23 ENCR_CAMELLIA_CBC [RFC5529] [RFC-ietf-ipsecme-ikev2bis-11.txt] 24 ENCR_CAMELLIA_CTR [RFC5529] - 25 ENCR_CAMELLIA_CCM with an 8-octet ICV [RFC5529] - 26 ENCR_CAMELLIA_CCM with a 12-octet ICV [RFC5529] - 27 ENCR_CAMELLIA_CCM with a 16-octet ICV [RFC5529] - 28-1023 Unassigned 1024-65535 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type 2 - Pseudo-random Function Transform IDs Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Number Name Reference ------------ ---------------------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 PRF_HMAC_MD5 [RFC2104] 2 PRF_HMAC_SHA1 [RFC2104] 3 PRF_HMAC_TIGER [RFC2104] 4 PRF_AES128_XCBC [RFC4434] 5 PRF_HMAC_SHA2_256 [RFC4868] 6 PRF_HMAC_SHA2_384 [RFC4868] 7 PRF_HMAC_SHA2_512 [RFC4868] 8 PRF_AES128_CMAC [RFC4615] 9-1023 Unassigned 1024-65535 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type 3 - Integrity Algorithm Transform IDs Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Number Name Reference ------------ ---------------------------------- --------- 0 NONE [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 AUTH_HMAC_MD5_96 [RFC2403][RFC-ietf-ipsecme-ikev2bis-11.txt] 2 AUTH_HMAC_SHA1_96 [RFC2404][RFC-ietf-ipsecme-ikev2bis-11.txt] 3 AUTH_DES_MAC [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 AUTH_KPDK_MD5 [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 AUTH_AES_XCBC_96 [RFC3566][RFC-ietf-ipsecme-ikev2bis-11.txt] 6 AUTH_HMAC_MD5_128 [RFC4595] 7 AUTH_HMAC_SHA1_160 [RFC4595] 8 AUTH_AES_CMAC_96 [RFC4494] 9 AUTH_AES_128_GMAC [RFC4543] 10 AUTH_AES_192_GMAC [RFC4543] 11 AUTH_AES_256_GMAC [RFC4543] 12 AUTH_HMAC_SHA2_256_128 [RFC4868] 13 AUTH_HMAC_SHA2_384_192 [RFC4868] 14 AUTH_HMAC_SHA2_512_256 [RFC4868] 15-1023 Unassigned 1024-65535 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type 4 - Diffie-Hellman Group Transform IDs Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Number Name Reference ------------ ---------------------------------- --------- 0 NONE [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 Group 1 - 768 Bit MODP Group [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 Group 2 - 1024 Bit MODP Group [RFC-ietf-ipsecme-ikev2bis-11.txt] 3-4 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 1536-bit MODP Group [RFC3526] 6-13 Unassigned [RFC-ietf-ipsecme-ikev2bis-11.txt] 14 2048-bit MODP Group [RFC3526] 15 3072-bit MODP Group [RFC3526] 16 4096-bit MODP Group [RFC3526] 17 6144-bit MODP Group [RFC3526] 18 8192-bit MODP Group [RFC3526] 19 256-bit random ECP group [RFC5903] 20 384-bit random ECP group [RFC5903] 21 521-bit random ECP group [RFC5903] 22 1024-bit MODP Group with 160-bit [RFC5114] Prime Order Subgroup 23 2048-bit MODP Group with 224-bit [RFC5114] Prime Order Subgroup 24 2048-bit MODP Group with 256-bit [RFC5114] Prime Order Subgroup 25 192-bit Random ECP Group [RFC5114] 26 224-bit Random ECP Group [RFC5114] 27-1023 Unassigned 1024-65535 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: Transform Type 5 - Extended Sequence Numbers Transform IDs Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Number Name Reference -------- ---------------------------------- --------- 0 No Extended Sequence Numbers [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 Extended Sequence Numbers [RFC-ietf-ipsecme-ikev2bis-11.txt] 2-65535 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Identification Payload ID Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value ID Type Reference -------- ------------------------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 ID_IPV4_ADDR [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 ID_FQDN [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 ID_RFC822_ADDR [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 Unassigned [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 ID_IPV6_ADDR [RFC-ietf-ipsecme-ikev2bis-11.txt] 6-8 Unassigned [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 ID_DER_ASN1_DN [RFC-ietf-ipsecme-ikev2bis-11.txt] 10 ID_DER_ASN1_GN [RFC-ietf-ipsecme-ikev2bis-11.txt] 11 ID_KEY_ID [RFC-ietf-ipsecme-ikev2bis-11.txt] 12 ID_FC_NAME [RFC4595] 13-200 Unassigned 201-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Certificate Encodings Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Certificate Encoding Reference -------- ----------------------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 PKCS #7 wrapped X.509 certificate [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 PGP Certificate [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 DNS Signed Key [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 X.509 Certificate - Signature [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 6 Kerberos Token [RFC-ietf-ipsecme-ikev2bis-11.txt] 7 Certificate Revocation List (CRL) [RFC-ietf-ipsecme-ikev2bis-11.txt] 8 Authority Revocation List (ARL) [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 SPKI Certificate [RFC-ietf-ipsecme-ikev2bis-11.txt] 10 X.509 Certificate - Attribute [RFC-ietf-ipsecme-ikev2bis-11.txt] 11 Raw RSA Key [RFC-ietf-ipsecme-ikev2bis-11.txt] 12 Hash and URL of X.509 certificate [RFC-ietf-ipsecme-ikev2bis-11.txt] 13 Hash and URL of X.509 bundle [RFC-ietf-ipsecme-ikev2bis-11.txt] 14 OCSP Content [RFC4806] 15-200 Unassigned 201-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Authentication Method Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Authentication Method Reference -------- ------------------------------------------ --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 RSA Digital Signature [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 Shared Key Message Integrity Code [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 DSS Digital Signature [RFC-ietf-ipsecme-ikev2bis-11.txt] 4-8 Unassigned [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 ECDSA with SHA-256 on the P-256 curve [RFC4754] 10 ECDSA with SHA-384 on the P-384 curve [RFC4754] 11 ECDSA with SHA-512 on the P-521 curve [RFC4754] 12-200 Unassigned 201-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Notify Message Types - Error Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Range Registration Procedures Notes ----------- ----------------------------- ----- 0-8191 Expert Review 8192-16383 Private use Registry: Value NOTIFY MESSAGES - ERROR TYPES Reference ------------ -------------------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 UNSUPPORTED_CRITICAL_PAYLOAD [RFC-ietf-ipsecme-ikev2bis-11.txt] 2-3 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 INVALID_IKE_SPI [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 INVALID_MAJOR_VERSION [RFC-ietf-ipsecme-ikev2bis-11.txt] 6 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 7 INVALID_SYNTAX [RFC-ietf-ipsecme-ikev2bis-11.txt] 8 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 INVALID_MESSAGE_ID [RFC-ietf-ipsecme-ikev2bis-11.txt] 10 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 11 INVALID_SPI [RFC-ietf-ipsecme-ikev2bis-11.txt] 12-13 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 14 NO_PROPOSAL_CHOSEN [RFC-ietf-ipsecme-ikev2bis-11.txt] 15-16 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 17 INVALID_KE_PAYLOAD [RFC-ietf-ipsecme-ikev2bis-11.txt] 18-23 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 24 AUTHENTICATION_FAILED [RFC-ietf-ipsecme-ikev2bis-11.txt] 25-33 RESERVED [RFC-ietf-ipsecme-ikev2bis-11.txt] 34 SINGLE_PAIR_REQUIRED [RFC-ietf-ipsecme-ikev2bis-11.txt] 35 NO_ADDITIONAL_SAS [RFC-ietf-ipsecme-ikev2bis-11.txt] 36 INTERNAL_ADDRESS_FAILURE [RFC-ietf-ipsecme-ikev2bis-11.txt] 37 FAILED_CP_REQUIRED [RFC-ietf-ipsecme-ikev2bis-11.txt] 38 TS_UNACCEPTABLE [RFC-ietf-ipsecme-ikev2bis-11.txt] 39 INVALID_SELECTORS [RFC-ietf-ipsecme-ikev2bis-11.txt] 40 UNACCEPTABLE_ADDRESSES [RFC4555] 41 UNEXPECTED_NAT_DETECTED [RFC4555] 42 USE_ASSIGNED_HoA [RFC5026] 43 TEMPORARY_FAILURE [RFC-ietf-ipsecme-ikev2bis-11.txt] 44 CHILD_SA_NOT_FOUND [RFC-ietf-ipsecme-ikev2bis-11.txt] 45-8191 Unassigned 8192-16383 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Notify Message Types - Status Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Range Registration Procedures Notes ----------- ----------------------------- ----- 16384-40959 Expert Review 40960-65535 Private use Registry: Value NOTIFY MESSAGES - STATUS TYPES Reference ------------ -------------------------------- --------- 16384 INITIAL_CONTACT [RFC-ietf-ipsecme-ikev2bis-11.txt] 16385 SET_WINDOW_SIZE [RFC-ietf-ipsecme-ikev2bis-11.txt] 16386 ADDITIONAL_TS_POSSIBLE [RFC-ietf-ipsecme-ikev2bis-11.txt] 16387 IPCOMP_SUPPORTED [RFC-ietf-ipsecme-ikev2bis-11.txt] 16388 NAT_DETECTION_SOURCE_IP [RFC-ietf-ipsecme-ikev2bis-11.txt] 16389 NAT_DETECTION_DESTINATION_IP [RFC-ietf-ipsecme-ikev2bis-11.txt] 16390 COOKIE [RFC-ietf-ipsecme-ikev2bis-11.txt] 16391 USE_TRANSPORT_MODE [RFC-ietf-ipsecme-ikev2bis-11.txt] 16392 HTTP_CERT_LOOKUP_SUPPORTED [RFC-ietf-ipsecme-ikev2bis-11.txt] 16393 REKEY_SA [RFC-ietf-ipsecme-ikev2bis-11.txt] 16394 ESP_TFC_PADDING_NOT_SUPPORTED [RFC-ietf-ipsecme-ikev2bis-11.txt] 16395 NON_FIRST_FRAGMENTS_ALSO [RFC-ietf-ipsecme-ikev2bis-11.txt] 16396 MOBIKE_SUPPORTED [RFC4555] 16397 ADDITIONAL_IP4_ADDRESS [RFC4555] 16398 ADDITIONAL_IP6_ADDRESS [RFC4555] 16399 NO_ADDITIONAL_ADDRESSES [RFC4555] 16400 UPDATE_SA_ADDRESSES [RFC4555] 16401 COOKIE2 [RFC4555] 16402 NO_NATS_ALLOWED [RFC4555] 16403 AUTH_LIFETIME [RFC4478] 16404 MULTIPLE_AUTH_SUPPORTED [RFC4739] 16405 ANOTHER_AUTH_FOLLOWS [RFC4739] 16406 REDIRECT_SUPPORTED [RFC5685] 16407 REDIRECT [RFC5685] 16408 REDIRECTED_FROM [RFC5685] 16409 TICKET_LT_OPAQUE [RFC5723] 16410 TICKET_REQUEST [RFC5723] 16411 TICKET_ACK [RFC5723] 16412 TICKET_NACK [RFC5723] 16413 TICKET_OPAQUE [RFC5723] 16414 LINK_ID [RFC5739] 16415 USE_WESP_MODE [RFC5840] 16416 ROHC_SUPPORTED [RFC5857] 16417 EAP_ONLY_AUTHENTICATION [RFC-ietf-ipsecme-eap-mutual-05.txt] 16418 CHILDLESS_IKE_SUPPORTED [RFC-nir-ipsecme-childless-06.txt] 16419-40959 Unassigned 40960-65535 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Sub-registry: IKEv2 Notification IPCOMP Transform IDs (Value 16387) Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value Compression Type Reference -------- ---------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 IPCOMP_OUI [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 IPCOMP_DEFLATE [RFC2394] 3 IPCOMP_LZS [RFC2395] 4 IPCOMP_LZJH [RFC3051] 5-240 Unassigned 241-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Security Protocol Identifiers Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Protocol ID Protocol Reference ----------- ---------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 IKE [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 AH [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 ESP [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 FC_ESP_HEADER [RFC4595] 5 FC_CT_AUTHENTICATION [RFC4595] 6-200 Unassigned 201-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Traffic Selector Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value TS Type Reference -------- -------------------------- --------- 0-6 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 7 TS_IPV4_ADDR_RANGE [RFC-ietf-ipsecme-ikev2bis-11.txt] 8 TS_IPV6_ADDR_RANGE [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 TS_FC_ADDR_RANGE [RFC4595] 10-240 Unassigned 241-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Configuration Payload CFG Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Registry: Value CFG Type Reference -------- ------------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 CFG_REQUEST [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 CFG_REPLY [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 CFG_SET [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 CFG_ACK [RFC-ietf-ipsecme-ikev2bis-11.txt] 5-127 Unassigned 128-255 Private use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Configuration Payload Attribute Types Reference: [RFC-ietf-ipsecme-ikev2bis-11.txt] Registration Procedures: Expert Review Note: Attribute Types with an "*" may be multi-valued on return only if multiple values were requested. Registry: Value Attribute Type Multi-Valued Length Reference ----------- -------------------------- ------------ -------------- --------- 0 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 1 INTERNAL_IP4_ADDRESS YES* 0 or 4 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 2 INTERNAL_IP4_NETMASK NO 0 or 4 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 3 INTERNAL_IP4_DNS YES 0 or 4 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 4 INTERNAL_IP4_NBNS YES 0 or 4 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 5 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 6 INTERNAL_IP4_DHCP YES 0 or 4 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 7 APPLICATION_VERSION NO 0 or more [RFC-ietf-ipsecme-ikev2bis-11.txt] 8 INTERNAL_IP6_ADDRESS YES* 0 or 17 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 9 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 10 INTERNAL_IP6_DNS YES 0 or 16 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 11 Reserved [RFC-ietf-ipsecme-ikev2bis-11.txt] 12 INTERNAL_IP6_DHCP YES 0 or 16 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 13 INTERNAL_IP4_SUBNET YES 0 or 8 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 14 SUPPORTED_ATTRIBUTES NO Multiple of 2 [RFC-ietf-ipsecme-ikev2bis-11.txt] 15 INTERNAL_IP6_SUBNET YES 17 octets [RFC-ietf-ipsecme-ikev2bis-11.txt] 16 MIP6_HOME_PREFIX YES 0 or 21 octets [RFC5026] 17 INTERNAL_IP6_LINK NO 8 or more [RFC5739] 18 INTERNAL_IP6_PREFIX YES 17 octets [RFC5739] 19 HOME_AGENT_ADDRESS NO 16 or 20 [3GPP TS 24.302][Meredith] 20-16383 Unassigned 16384-32767 Private Use [RFC-ietf-ipsecme-ikev2bis-11.txt] Registry Name: IKEv2 Gateway Identity Types Reference: [RFC5685] Registration Procedures: Expert Review Registry: Value Description Reference ------- --------------------------------------------- --------- 0 Reserved [RFC5685] 1 IPv4 address of the VPN gateway [RFC5685] 2 IPv6 address of the VPN gateway [RFC5685] 3 FQDN of the VPN gateway [RFC5685] 4-240 Unassigned 241-255 Reserved for Private Use [RFC5685] Registry Name: ROHC Attribute Types Reference: [RFC5857] Registration Procedures: Expert Review Registry: Value ROHC Attribute Type Format Reference ----------- --------------------------------------------- ------ --------- 0 Reserved [RFC5857] 1 Maximum Context Identifier (MAX_CID) TV [RFC5857] 2 ROHC Profile (ROHC_PROFILE) TV [RFC5857] 3 ROHC Integrity Algorithm (ROHC_INTEG) TV [RFC5857] 4 ROHC ICV Length in bytes (ROHC_ICV_LEN) TV [RFC5857] 5 Maximum Reconstructed Reception Unit (MRRU) TV [RFC5857] 6-16383 Unassigned 16384-32767 Reserved for Private Use [RFC5857] References ---------- [3GPP TS 24.302] http://www.3gpp.org/ftp/Specs/html-info/24302.htm [RFC1826] R. Atkinson, "IP Authentication Header", RFC 1826, August 1995. [RFC1827] R. Atkinson, "IP Encapsulating Security Payload (ESP)", RFC 1827, August 1995. [RFC2104] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997. [RFC2394] R. Pereira, "IP Payload Compression Using DEFLATE", RFC 2394, December 1998. [RFC2395] R. Friend and R. Monsour, "IP Payload Compression Using LZS", RFC 2395, December 1998. [RFC2403] C. Madson and R. Glenn, "The Use of HMAC-MD5-96 within ESP and AH", RFC 2403, November 1998. [RFC2404] C. Madson and R. Glenn, "The Use of HMAC-SHA-1-96 within ESP and AH", RFC 2404, November 1998. [RFC2405] C. Madson and N. Doraswamy, "The ESP DES-CBC Cipher Algorithm With Explicit IV", RFC 2405, November 1998. [RFC2410] R. Glenn and S. Kent, "The NULL Encryption Algorithm and Its Use With IPsec", November 1998. [RFC2451] K. Poduri and K. Nichols, "The ESP CBC-Mode Cipher Algorithms", RFC 2451, September 1998. [RFC3051] J. Heath and J. Border, "IP Payload Compression Using ITU-T V.44 Packet Method", RFC 3051, January 2001. [RFC3526] T. Kivinen and M. Kojo, "More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)", RFC 3526, May 2003. [RFC3566] S. Frankel and H. Herbert, "The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec", RFC 3566, September 2003. [RFC3602] S. Frankel, R. Glenn, and S. Kelly, "The AES-CBC Cipher Algorithm and Its Use with IPsec", RFC 3602, September 2003. [RFC3686] R. Housley, "Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)", RFC 3686, January 2004. [RFC4106] J. Viega and D. McGrew, "The Use of Galois/Counter Mode (GCM) in IPsec ESP", RFC 4106, June 2005. [RFC4309] R. Housley, "Using AES CCM Mode With IPsec E", RFC 4309, December 2005. [RFC4434] P. Hoffman, "The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)", RFC 4434, February 2006. [RFC4478] Y. Nir, "Repeated Authentication in IKEv2", RFC 4478, April 2006. [RFC4494] J. Song, R. Poovendran and J. Lee, "The AES-CMAC-96 Algorithm and its use with IPsec", RFC 4494, June 2006. [RFC4543] D. McGrew and J. Viega, "The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH", RFC 4543, May 2006. [RFC4555] P. Eronen, "IKEv2 Mobility and Multihoming Protocol (MOBIKE)", RFC 4555, June 2006. [RFC4595] F. Maino and D. Black, "Use of IKEv2 in The Fibre Channel Security Association Management Protocol", RFC 4595, July 2006. [RFC4615] J. Song, R. Poovendran, J. Lee and T. Iwata, "The AES-CMAC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)", RFC 4615, August 2006. [RFC4739] P. Eronen, J. Korhonen, "Multiple Authentication Exchanges in IKEv2", RFC 4739, November 2006. [RFC4754] D. Fu, J. Solinas, "IKE and IKEv2 Authentication Using ECDSA", RFC 4754, January 2007. [RFC4806] M. Myers, H. Tschofenig, "OCSP Extensions to IKEv2", RFC 4806, February 2007. [RFC4868] S. Kelly, S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 With IPsec", RFC 4868, May 2007. [RFC5026] G. Giaretta, Ed., J. Kempf and V. Devarapalli, Ed., "Mobile IPv6 bootstrapping in split scenario", RFC 5026, October 2007. [RFC5114] M. Lepinski, S. Kent, "Additional Diffie-Hellman Groups for use with IETF Standards", RFC 5114, January 2008. [RFC5282] D. Black, D. McGrew, "Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol", RFC 5282, August 2008. [RFC5529] A. Kato, M. Kanda, S. Kanno, "Modes of Operation for Camellia for Use With IPsec", RFC 5529, April 2009. [RFC5685] V. Devarapalli, K. Weniger, "Redirect Mechanism for IKEv2", RFC 5685, November 2009. [RFC5723] Y. Sheffer, H. Tschofenig, "IKEv2 Session Resumption", RFC 5723, January 2010. [RFC5739] P. Eronen, J. Laganier, C. Madson, "IPv6 Configuration in IKEv2", RFC 5739, February 2010. [RFC5840] K. Grewal, G. Montenegro, M. Bhatia, "Wrapped ESP for Traffic Visibility", RFC 5840, April 2010. [RFC5857] E. Ertekin, C. Christou, R. Jasani, B. Hamilton, T. Kivinen, C. Borman, "IKEv2 Extensions to Support Robust Header Compression over IPsec", RFC 5857, May 2010. [RFC5903] D. Fu, J. Solinas, "ECP Groups for IKE and IKEv2", RFC 5903, June 2010. [RFC5930] S. Shen, Y. Mao, N. Murthy, "Using Advanced Encryption Standard (AES) Counter Mode with IKEv2", RFC 5930, July 2010. [RFC-ietf-ipsecme-ikev2bis-11.txt] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, "Internet Key Exchange Protocol: IKEv2", RFC XXXX, Month Year. [RFC-ietf-ipsecme-eap-mutual-05.txt] P. Eronen, H. Tschofenig, Y. Sheffer, "An Extension for EAP-Only Authentication in IKEv2", RFC XXXX, Month Year. [RFC-nir-ipsecme-childless-06.txt] Y. Nir, H. Tschofenig, H. Deng, R. Singh, "A Childless Initiation of the IKE SA", RFC XXXX, Month Year. People ------ [Ball] Matt Ball, , 2007-10-11. [Meredith] John Meredith, , 17 May 2010. (registry created 2005-01-18) []