{"draft":"draft-ietf-lwig-ikev2-minimal-05","doc_id":"RFC7815","title":"Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation","authors":["T. Kivinen"],"format":["ASCII","HTML"],"page_count":"41","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Light-Weight Implementation Guidance","abstract":"This document describes a minimal initiator version of the Internet\r\nKey Exchange version 2 (IKEv2) protocol for constrained nodes.  IKEv2\r\nis a component of IPsec used for performing mutual authentication and\r\nestablishing and maintaining Security Associations (SAs).  IKEv2\r\nincludes several optional features, which are not needed in minimal\r\nimplementations.  This document describes what is required from the\r\nminimal implementation and also describes various optimizations that\r\ncan be done.  The protocol described here is interoperable with a\r\nfull IKEv2 implementation using shared secret authentication (IKEv2\r\ndoes not require the use of certificate authentication).  This\r\nminimal initiator implementation can only talk to a full IKEv2\r\nimplementation acting as the responder; thus, two minimal initiator\r\nimplementations cannot talk to each other.\r\n\r\nThis document does not update or modify RFC 7296 but provides a more\r\ncompact description of the minimal version of the protocol.  If this\r\ndocument and RFC 7296 conflict, then RFC 7296 is the authoritative\r\ndescription.","pub_date":"March 2016","keywords":["IKE","IPsec","IoT","Constrained"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7815","errata_url":null}