[IPsec] I-D Action: draft-ietf-ipsecme-ikev2-downgrade-prevention-07.txt
internet-drafts@ietf.org Wed, 24 June 2026 13:19 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: ipsec@ietf.org
Delivered-To: ipsec@mail2.ietf.org
Received: from [10.244.22.182] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id 8ADBD1067643F; Wed, 24 Jun 2026 06:19:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782307159; bh=XPQ4UILBdNcm3fMIDHwGieKusAw/sP5KzLF8tcXAV+8=; h=From:To:Cc:Subject:Reply-To:Date; b=F6eZRY478P/n99VlI7JVlr6pTgkKRxXQBEGklxRTxLvtWuYdfDylAw1tU6xuY2zm7 ajzFFvgbXxn+xhj3dlIirEs+IRkNrI7a229xNQskKf1EkJoQZasgjqZ98h7ivJiQep UO9y4YKbISaev8FiCwCTbI2CozwIFF17clj5OVz0=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.67.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <178230715948.1332401.11634402619811820456@dt-datatracker-f9b87776f-xzl65>
Date: Wed, 24 Jun 2026 06:19:19 -0700
Message-ID-Hash: 45SSLAJFQPTVYYDLWXQGIBDGADN4YEF5
X-Message-ID-Hash: 45SSLAJFQPTVYYDLWXQGIBDGADN4YEF5
X-MailFrom: internet-drafts@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipsec.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ipsec@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: ipsec@ietf.org
Subject: [IPsec] I-D Action: draft-ietf-ipsecme-ikev2-downgrade-prevention-07.txt
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/W03hcwB_SPl60rCeYEKeqMMWpUE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Owner: <mailto:ipsec-owner@ietf.org>
List-Post: <mailto:ipsec@ietf.org>
List-Subscribe: <mailto:ipsec-join@ietf.org>
List-Unsubscribe: <mailto:ipsec-leave@ietf.org>
Internet-Draft draft-ietf-ipsecme-ikev2-downgrade-prevention-07.txt is now
available. It is a work item of the IP Security Maintenance and Extensions
(IPSECME) WG of the IETF.
Title: Downgrade Prevention for the Internet Key Exchange Protocol Version 2 (IKEv2)
Authors: Valery Smyslov
Christopher Patton
Name: draft-ietf-ipsecme-ikev2-downgrade-prevention-07.txt
Pages: 14
Dates: 2026-06-24
Abstract:
This document describes an extension to the Internet Key Exchange
protocol version 2 (IKEv2) in which the peers authenticate the full
IKE_SA_INIT transcript. When both peers implement the extension and
at least one relevant authentication credential is not compromised,
this prevents certain downgrade attacks on IKEv2.
This document updates RFC 7296.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-downgrade-prevention/
There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-downgrade-prevention-07
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-ipsecme-ikev2-downgrade-prevention-07
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
- [IPsec] Re: I-D Action: draft-ietf-ipsecme-ikev2-… Valery Smyslov
- [IPsec] I-D Action: draft-ietf-ipsecme-ikev2-down… internet-drafts