Internet Security Association and Key Management Protocol (ISAKMP)
Network Working Group                                         D. Maughan
Request for Comments: 2408                      National Security Agency
Category: Standards Track                                   M. Schertler
                                                          Securify, Inc.
                                                            M. Schneider
                                                National Security Agency
                                                               J. Turner
                                                 RABA Technologies, Inc.
                                                           November 1998
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
Abstract
This memo describes a protocol utilizing security concepts necessary
for establishing Security Associations (SA) and cryptographic keys in
an Internet environment. A Security Association protocol that
negotiates, establishes, modifies and deletes Security Associations
and their attributes is required for an evolving Internet, where
there will be numerous security mechanisms and several options for
each security mechanism. The key management protocol must be robust
in order to handle public key generation for the Internet community
at large and private key requirements for those private networks with
that requirement. The Internet Security Association and Key
Management Protocol (ISAKMP) defines the procedures for
authenticating a communicating peer, creation and management of
Security Associations, key generation techniques, and threat
mitigation (e.g. denial of service and replay attacks). All of
these are necessary to establish and maintain secure communications
(via IP Security Service or any other security protocol) in an
Internet environment.
Maughan, et al. Standards Track