wimaxing 2008-7-5 12:41
RFC5106-The Extensible Authentication Protocol-Internet Key Exchange Protocol
【资料成文时间】: 2007
【语言】:英文
【页数】:33
【何人(公司)所著】:
【文件格式】: PDF
【文件原名】:The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2 (EAP-IKEv2) Method
【摘要或目录】:
Table of Contents
1. Introduction ....................................................3
2. Terminology .....................................................4
3. Protocol Overview ...............................................6
4. Fast Reconnect ..................................................9
5. Key Derivation .................................................12
6. Session ID, Peer ID, and Server ID .............................13
7. Error Handling .................................................13
8. Specification of Protocol Fields ...............................16
8.1. The Flags, Message Length, and Integrity Checksum
Data Fields ...............................................17
8.2. EAP-IKEv2 Header ..........................................19
8.3. Security Association Payload ..............................19
8.4. Key Exchange Payload ......................................20
8.5. Nonce Payload .............................................20
8.6. Identification Payload ....................................20
8.7. Certificate Payload .......................................20
8.8. Certificate Request Payload ...............................20
8.9. Encrypted Payload .........................................20
8.10. Authentication Payload ...................................20
8.11. Notify Payload ...........................................21
8.12. Next Fast-ID Payload .....................................21
9. Payload Types and Extensibility ................................22
10. Security Considerations .......................................22
10.1. Protected Ciphersuite Negotiation ........................23
10.2. Mutual Authentication ....................................23
10.3. Integrity Protection .....................................23
10.4. Replay Protection ........................................23
10.5. Confidentiality ..........................................23
10.6. Key Strength .............................................24
10.7. Dictionary Attack Resistance .............................24
10.8. Fast Reconnect ...........................................25
10.9. Cryptographic Binding ....................................25
10.10. Session Independence ....................................25
10.11. Fragmentation ...........................................26
10.12. Channel Binding .........................................26
10.13. Summary .................................................26
11. IANA Considerations ...........................................27
12. Contributors ..................................................28
13. Acknowledgements ..............................................28
14. References ....................................................29
14.1. Normative References .....................................29
14.2. Informative References ...................................29
Appendix A ........................................................30