Section 5.9. References


5.9. References

Here's a list of the most important RFCs and drafts mentioned in this chapter. Sometimes I include additional subject-related RFCs for your personal further study.

5.9.1. RFCs

  • RFC 1828, "IP Authentication using Keyed MD5," 1995

  • RFC 1829, "The ESP DES-CBC Transform," 1995

  • RFC 1918, "Address Allocation for Private Internets," 1996

  • RFC 2085, "HMAC-MD5 IP Authentication with Replay Prevention," 1997

  • RFC 2104, "HMAC: Keyed-Hashing for Message Authentication," 1997

  • RFC 2401, "Security Architecture for the Internet Protocol," 1998

  • RFC 2402, "IP Authentication Header," 1998

  • RFC 2403, "The Use of HMAC-MD5-96 within ESP and AH," 1998

  • RFC 2404, "The Use of HMAC-SHA-1-96 within ESP and AH," 1998

  • RFC 2405, "The ESP DES-CBC Cipher Algorithm With Explicit IV," 1998

  • RFC 2406, "IP Encapsulating Security Payload (ESP)," 1998

  • RFC 2407, "The Internet IP Security Domain of Interpretation for ISAKMP," 1998

  • RFC 2408, "Internet Security Association and Key Management Protocol (ISAKMP)," 1998

  • RFC 2409, "The Internet Key Exchange (IKE)," 1998

  • RFC 2410, "The NULL Encryption Algorithm and Its Use With IPsec," 1998

  • RFC 2411, "IP Security Document Roadmap," 1998

  • RFC 2412, "The OAKLEY Key Determination Protocol," 1998

  • RFC 2451, "The ESP CBC-Mode Cipher Algorithms," 1998

  • RFC 2462, "IPv6 Stateless Address Autoconfiguration," 1998

  • RFC 2553, "Basic Socket Interface Extensions for IPv6," 1999

  • RFC 3056, "Connection of IPv6 Domains Via IPv4 Clouds," 2001

  • RFC 3068, "An Anycast Prefix for 6to4 Relay Routers," 2001

  • RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)," 2003

  • RFC 3602, "The AES-CBC Cipher Algorithm and Its Use with IPsec," 2003

  • RFC 3631, "Security Mechanisms for the Internet," 2003

  • RFC 3715, "IPsec-Network Address Translation (NAT) Compatibility Requirements," 2004

  • RFC 3739, "Internet X.509 Public Key Infrastructure: Qualified Certificates Profile," 2004

  • RFC 3740, "The Multicast Group Security Architecture," 2004

  • RFC 3748, "Extensible Authentication Protocol (EAP)," 2004

  • RFC 3754, "IP Multicast in Differentiated Services (DS) Networks," 2004

  • RFC 3756, "IPv6 Neighbor Discovery (ND) Trust Models and Threats," 2004

  • RFC 3765, "NOPEER Community for Border Gateway Protocol (BGP) Route Scope Control," 2004

  • RFC 3947, "Negotiation of NAT-Traversal in the IKE," 2005

  • RFC 3948, "UDP Encapsulation of IPsec ESP Packets," 2005

  • RFC 3964, "Security Considerations for 6to4," 2004

  • RFC 3971, "SEcure Neighbor Discovery (SEND)," 2005

  • RFC 3972, "Cryptographically Generated Addresses (CGA)," 2005

  • RFC 4033, "DNS Security Introduction and Requirements," 2005

  • RFC 4035, "Protocol Modifications for the DNS Security Extensions," 2005

  • RFC 4106, "The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)," 2005

  • RFC 4107, "Guidelines for Cryptographic Key Management," 2005

  • RFC 4109, "Algorithms for Internet Key Exchange version 1 (IKEv1)," 2005

  • RFC 4285, "Authentication Protocol for Mobile IPv6," 2005

  • RFC 4301, "Security Architecture for the Internet Protocol," 2005

  • RFC 4302, "IP Authentication Header," 2005

  • RFC 4303, "IP Encapsulating Security Payload (ESP)," 2005

  • RFC 4305, "Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)," 2005

  • RFC 4306, "Internet Key Exchange (IKEv2) Protocol," 2005

  • RFC 4307, "Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)," 2005

  • RFC 4308, "Cryptographic Suites for IPsec," 2005

  • RFC 4309, " Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)," 2005

  • RFC 4359, "The Use of RSA/SHA-1 Signatures within Encapsulating Security Payload (ESP) and Authentication Header (AH)," 2006

  • RFC 4380, "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)," 2006

5.9.2. Drafts

Drafts can be found at http://www.ietf.org/ID.html. To locate the latest version of a draft, refer to https://datatracker.ietf.org/public/pidtracker.cgi. You can enter the draft name without a version number and the most current version will come up. If a draft does not show up, it was either deleted or published as an RFC. Alternatively, you can go to the new Internet drafts database interface at https://datatracker.ietf.org/public/idindex.cgi. http://tools.ietf.org/wg is also a very useful site. More information on the process of standardization, RFCs, and drafts can be found in the Appendix.

Here's a list of drafts I refer to in this chapter, as well as interesting drafts that relate to the topics in this chapter:

  • draft-ietf-v6ops-ipsec-tunnels-02.txt, Using IPsec to Secure IPv6-in-IPv4 Tunnels

  • draft-blanchet-v6ops-tunnelbroker-tsp-03.txt, IPv6 Tunnel Broker with the Tunnel Setup Protocol (TSP)

  • draft-ietf-v6ops-security-overview-04.txt, IPv6 Transition/Co-existence Security Considerations

  • draft-ietf-mip6-ikev2-ipsec-05.txt, Mobile IPv6 Operation with IKEv2 and the revised IPsec

  • draft-ietf-mobike-protocol-08.txt, IKEv2 Mobility and Multihoming Protocol (MOBIKE)

  • draft-ietf-mobike-design-08.txt, Design of the MOBIKE Protocol

  • draft-ietf-v6ops-nap-02.txt, IPv6 Network Architecture Protection

  • draft-ietf-bmwg-ipsec-term-08.txt, Terminology for Benchmarking IPsec Devices

  • draft-ietf-bmwg-ipsec-meth-01.txt, Methodology for Benchmarking IPsec Devices

  • draft-ietf-v6ops-icmpv6-filtering-bcp-01.txt, Best Current Practice for Filtering ICMPv6 Messages in Firewalls



IPv6 Essentials
IPv6 Essentials
ISBN: 0596100582
EAN: 2147483647
Year: 2004
Pages: 156
Authors: Silvia Hagen

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net