5.5. Overview of New IPsec RFCs Table 5-4 contains a comparison of the old and new RFCs for your reference. Table 5-4. Overview of RFCsOld specification | Title | New specification |
|---|
RFC 2401 | Security Architecture for the Internet Protocol | RFC 4301 (obsoletes 2401) | RFC 2402 | IP Authentication Header | RFC 4302 (obsoletes 2402) | RFC 2404 | Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) | RFC 4305 (obsoletes 2404 and 2406) | RFC 2406 | IP Encapsulating Security Payload (ESP) | RFC 4303 and RFC 4305 (obsolete 2406) | RFC 2407 | IKEv2 | RFC 4306 (obsoletes 2407, 2408, 2409) | RFC 2408 | | | RFC 2409 | | | N/A | Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2) | RFC 4307 | N/A | Cryptographic Suites for IPsec | RFC 4308 | N/A | Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP) | RFC 4309 | RFC 2409 | IKEv1 | RFC 4109 (updates 2409) |
Until IKEv2 is universally adopted, it is important that nodes support IKEv1 by supporting RFCs 2407, 2408, 2409, and 4109. |