IKE
Click on the red underlined text to get to the source
... IKE Impact ...
... hosts can
communicate using IPsec without having used IKE to negotiate keys
(through manually keyed SAs, for example). Despite its name, IKE ...
... IKE to negotiate keys
(through manually keyed SAs, for example). Despite its name, IKE
also acts as a tunnel management protocol ...
... security policies between the peers.
Alternatives 1 and 3 use existing IKE without changes.
One possible approach to use IKE ...
... IKE without changes.
One possible approach to use IKE with IIPtran is to negotiate a
tunnel mode SA ...
... IIPtran eliminates IPsec tunnel mode, it could also
simplify IKE, by limiting it to its original purpose of key exchange.
A new tunnel ...
... tunnels, use an as of yet unspecified second protocol to negotiate
security policy, and then use IKE to exchange keys for use with the
policy.
...
... policy.
Current IKE operation would become a modular composition of separate
protocols, similar to how IIPtran modularizes IPsec ...
... VPN link creation could
follow these steps: (1) IKE negotiation in the base network to secure
...
... 8] in the base network,
followed by (3) IKE exchanges over the established tunnel to create a
...
...
The authors would also like to thank Jun-ichiro (itojun) Hagino and
the KAME project for bringing IKE implications of this proposal to
our attention, as well as implementing the mechanisms in this
document in the KAME IPv6 ...
... Harkins, D. and D. Carrel, "The Internet Key Exchange (IKE)", RFC 2409(-> 4306prop), November 1998. ...