2401: Security Architecture for the Internet Protocol.

Obsoleted by

• RFC4301: Security Architecture for the Internet Protocol.

Updated by

• RFC3168: The Addition of Explicit Congestion Notification (ECN) to

Obsoletes

• RFC1825: Security Architecture for the Internet Protocol.

References

• RFC791: Internet Protocol.
• RFC792: Internet Control Message Protocol.
• RFC950: Internet Standard Subnetting Procedure.
• RFC1108: U.S. Department of Defense Security Options for the Internet Protocol.
• RFC1122: Requirements for Internet Hosts - Communication Layers.
• RFC1191: Path MTU discovery.
• RFC1256: ICMP Router Discovery Messages.
• RFC1393: Traceroute Using an IP Option.
• RFC1475: TP/IX: The Next Internet.
• RFC1704: On Internet Authentication.
• RFC1812: Requirements for IP Version 4 Routers.
• RFC1825: Security Architecture for the Internet Protocol.
• RFC1885: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6).
• RFC2003: IP Encapsulation within
• RFC2094: Group Key Management Protocol (GKMP) Architecture.
• RFC2119: Key words for use in RFCs to Indicate Requirement Levels.
• RFC2393: IP Payload Compression Protocol (IPComp).
• RFC2402: IP Authentication Header.
• RFC2406: IP Encapsulating Security Payload (ESP).
• RFC2407: The Internet IP Security Domain of Interpretation for
• RFC2408: Internet Security Association and Key Management Protocol (ISAKMP).
• RFC2409: The Internet Key Exchange (IKE).
• RFC2411: IP Security Document Roadmap.
• RFC2412: The OAKLEY Key Determination Protocol.

Referenced by

• RFC2402: IP Authentication Header.
• RFC2403: The Use of HMAC-MD5-96 within ESP and
• RFC2404: The Use of HMAC-SHA-1-96 within ESP and
• RFC2405: The ESP DES-CBC Cipher Algorithm With Explicit
• RFC2406: IP Encapsulating Security Payload (ESP).
• RFC2407: The Internet IP Security Domain of Interpretation for
• RFC2408: Internet Security Association and Key Management Protocol (ISAKMP).
• RFC2411: IP Security Document Roadmap.
• RFC2412: The OAKLEY Key Determination Protocol.
• RFC2451: The ESP CBC-Mode Cipher Algorithms.
• RFC2460: Internet Protocol, Version 6 (IPv6) Specification.
• RFC2461: Neighbor Discovery for IP Version 6 (IPv6).
• RFC2463: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification.
• RFC2473: Generic Packet Tunneling in IPv6 Specification.
• RFC2477: Criteria for Evaluating Roaming Protocols.
• RFC2486: The Network Access Identifier.
• RFC2535: Domain Name System Security Extensions.
• RFC2543: SIP: Session Initiation Protocol.
• RFC2547: BGP/MPLS VPNs.
• RFC2590: Transmission of IPv6 Packets over Frame Relay Networks Specification.
• RFC2624: NFS Version 4 Design Considerations.
• RFC2628: Simple Cryptographic Program Interface (Crypto API).
• RFC2661: Layer Two Tunneling Protocol "L2TP".
• RFC2663: IP Network Address Translator (NAT) Terminology and Considerations.
• RFC2667: IP Tunnel
• RFC2705: Media Gateway Control Protocol (MGCP) Version 1.0.
• RFC2709: Security Model with Tunnel-mode IPsec for NAT Domains.
• RFC2719: Framework Architecture for Signaling Transport.
• RFC2730: Multicast Address Dynamic Client Allocation Protocol (MADCAP).
• RFC2747: RSVP Cryptographic Authentication.
• RFC2748: The COPS (Common Open Policy Service) Protocol.
• RFC2764: A Framework for IP Based Virtual Private Networks.
• RFC2765: Stateless IP/ICMP Translation Algorithm (SIIT).
• RFC2775: Internet Transparency.
• RFC2825: A Tangled Web: Issues of I18N, Domain Names, and the Other Internet protocols. IAB, L. Daigle, ed..
• RFC2828: Internet Security Glossary.
• RFC2829: Authentication Methods for
• RFC2830: Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security.
• RFC2848: The PINT Service Protocol: Extensions to SIP and SDP for IP Access to Telephone Call Services.
• RFC2868: RADIUS Attributes for Tunnel Protocol Support.
• RFC2881: Network Access Server Requirements Next Generation (NASREQNG) NAS Model.
• RFC2885: Megaco Protocol version 0.8.
• RFC2888: Secure Remote Access with L2TP.
• RFC2890: Key and Sequence Number Extensions to
• RFC2894: Router Renumbering for IPv6.
• RFC2909: The Multicast Address-Set Claim (MASC) Protocol.
• RFC2923: TCP Problems with Path MTU Discovery.
• RFC2960: Stream Control Transmission Protocol.
• RFC2983: Differentiated Services and Tunnels.
• RFC2993: Architectural Implications of
• RFC2998: A Framework for Integrated Services Operation over Diffserv Networks.
• RFC3015: Megaco Protocol Version 1.0.
• RFC3027: Protocol Complications with the IP Network Address Translator.
• RFC3041: Privacy Extensions for Stateless Address Autoconfiguration in IPv6.
• RFC3046: DHCP Relay Agent Information Option.
• RFC3053: IPv6 Tunnel Broker.
• RFC3057: ISDN Q.921-User Adaptation Layer.
• RFC3080: The Blocks Extensible Exchange Protocol Core.
• RFC3104: RSIP Support for End-to-end IPsec.
• RFC3111: Service Location Protocol Modifications for IPv6.
• RFC3117: On the Design of Application Protocols.
• RFC3122: Extensions to IPv6 Neighbor Discovery for Inverse Discovery Specification.
• RFC3129: Requirements for Kerberized Internet Negotiation of Keys.
• RFC3135: Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations.
• RFC3150: End-to-end Performance Implications of Slow Links.
• RFC3154: Requirements and Functional Architecture for an IP Host Alerting Protocol.
• RFC3162: RADIUS and IPv6.
• RFC3168: The Addition of Explicit Congestion Notification (ECN) to
• RFC3193: Securing L2TP using IPsec.
• RFC3219: Telephony Routing over IP (TRIP).
• RFC3238: IAB Architectural and Policy Considerations for Open Pluggable Edge Services.
• RFC3257: Stream Control Transmission Protocol Applicability Statement.
• RFC3261: SIP: Session Initiation Protocol.
• RFC3269: Author Guidelines for Reliable Multicast Transport (RMT) Building Blocks and Protocol Instantiation documents.
• RFC3315: Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
• RFC3316: Internet Protocol Version 6 (IPv6) for Some Second and Third Generation Cellular Hosts.
• RFC3329: Security Mechanism Agreement for the Session Initiation Protocol (SIP).
• RFC3331: Signaling System 7 (SS7) Message Transfer Part 2 (MTP2) - User Adaptation Layer.
• RFC3371: Layer Two Tunneling Protocol "L2TP" Management Information Base.
• RFC3374: Problem Description: Reasons For Performing Context Transfers Between Nodes in an IP Access Network.
• RFC3378: EtherIP: Tunneling Ethernet Frames in IP Datagrams.
• RFC3386: Network Hierarchy and Multilayer Survivability.
• RFC3423: XACCT's Common Reliable Accounting for Network Element (CRANE) Protocol Specification Version 1.0.
• RFC3435: Media Gateway Control Protocol (MGCP) Version 1.0.
• RFC3446: Anycast Rendevous Point (RP) mechanism using Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP).
• RFC3456: Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode.
• RFC3457: Requirements for IPsec Remote Access Scenarios.
• RFC3473: Generalized Multi-Protocol Label Switching (GMPLS) Signaling Resource ReserVation Protocol-Traffic Engineering (RSVP-TE) Extensions.
• RFC3481: TCP over Second (2.5G) and Third (3G) Generation Wireless Networks.
• RFC3521: Framework for Session Set-up with Media Authorization.
• RFC3525: Gateway Control Protocol Version 1.
• RFC3539: Authentication, Authorization and Accounting (AAA) Transport Profile.
• RFC3547: The Group Domain of Interpretation.
• RFC3550: RTP: A Transport Protocol for Real-Time Applications.
• RFC3554: On the Use of Stream Control Transmission Protocol (SCTP) with IPsec.
• RFC3559: Multicast Address Allocation
• RFC3566: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec.
• RFC3569: An Overview of Source-Specific Multicast (SSM).
• RFC3576: Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS).
• RFC3579: RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP).
• RFC3580: IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines.
• RFC3585: IPsec Configuration Policy Information Model.
• RFC3586: IP Security Policy (IPSP) Requirements.
• RFC3588: Diameter Base Protocol.
• RFC3599: Request for Comments Summary RFC Numbers 3500-3599.
• RFC3602: The AES-CBC Cipher Algorithm and Its Use with IPsec.
• RFC3624: The Media Gateway Control Protocol (MGCP) Bulk Audit Package.
• RFC3631: Security Mechanisms for the Internet.
• RFC3639: Considerations on the use of a Service Identifier in Packet Headers.
• RFC3684: Topology Dissemination Based on Reverse-Path Forwarding (TBRPF).
• RFC3686: Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP).
• RFC3697: IPv6 Flow Label Specification.
• RFC3706: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers.
• RFC3711: The Secure Real-time Transport Protocol (SRTP).
• RFC3715: IPsec-Network Address Translation (NAT) Compatibility Requirements.
• RFC3720: Internet Small Computer Systems Interface (iSCSI).
• RFC3723: Securing Block Storage Protocols over
• RFC3740: The Multicast Group Security Architecture.
• RFC3746: Forwarding and Control Element Separation (ForCES) Framework.
• RFC3775: Mobility Support in IPv6.
• RFC3776: Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents.
• RFC3788: Security Considerations for Signaling Transport (SIGTRAN) Protocols.
• RFC3792: Survey of IPv4 Addresses in Currently Deployed IETF Security Area Standards Track and Experimental Documents.
• RFC3819: Advice for Internet Subnetwork Designers.
• RFC3821: Fibre Channel Over TCP/IP (FCIP).
• RFC3871: Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure.
• RFC3884: Use of IPsec Transport Mode for Dynamic Routing.
• RFC3890: A Transport Independent Bandwidth Modifier for the Session Description Protocol (SDP).
• RFC3916: Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3).
• RFC3931: Layer Two Tunneling Protocol - Version 3 (L2TPv3).
• RFC3940: Negative-acknowledgment (NACK)-Oriented Reliable Multicast (NORM) Protocol.
• RFC3941: Negative-Acknowledgment (NACK)-Oriented Reliable Multicast (NORM) Building Blocks.
• RFC3948: UDP Encapsulation of IPsec ESP Packets.
• RFC3955: Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX).
• RFC3963: Network Mobility (NEMO) Basic Support Protocol.
• RFC3965: A Simple Mode of Facsimile Using Internet Mail.
• RFC3973: Protocol Independent Multicast - Dense Mode (PIM-DM): Protocol Specification (Revised).
• RFC3985: Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture.
• RFC3991: Media Gateway Control Protocol (MGCP) Redirect and Reset Package.
• RFC3992: Media Gateway Control Protocol (MGCP) Lockstep State Reporting Mechanism.
• RFC4004: Diameter Mobile IPv4 Application.
• RFC4023: Encapsulating MPLS in IP or Generic Routing Encapsulation (GRE).
• RFC4046: Multicast Security (MSEC) Group Key Management Architecture.
• RFC4067: Context Transfer Protocol (CXTP).
• RFC4083: Input 3rd-Generation Partnership Project (3GPP) Release 5 Requirements on the Session Initiation Protocol (SIP).
• RFC4086: Randomness Requirements for Security. D. Eastlake, 3rd,
• RFC4087: IP Tunnel
• RFC4093: Problem Statement: Mobile IPv4 Traversal of Virtual Private Network (VPN) Gateways.
• RFC4097: Middlebox Communications (MIDCOM) Protocol Evaluation.
• RFC4101: Writing Protocol Models.
• RFC4110: A Framework for Layer 3 Provider-Provisioned Virtual Private Networks (PPVPNs).
• RFC4111: Security Framework for Provider-Provisioned Virtual Private Networks (PPVPNs).
• RFC4160: Internet Fax Gateway Requirements.
• RFC4161: Guidelines for Optional Services for Internet Fax Gateways.
• RFC4172: iFCP - A Protocol for Internet Fibre Channel Storage Networking.
• RFC4176: Framework for Layer 3 Virtual Private Networks (L3VPN) Operations and Management.
• RFC4196: The SEED Cipher Algorithm and Its Use with IPsec.
• RFC4204: Link Management Protocol (LMP).
• RFC4213: Basic Transition Mechanisms for IPv6 Hosts and Routers.
• RFC4230: RSVP Security Properties.
• RFC4272: BGP Security Vulnerabilities Analysis.
• RFC4278: Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification.
• RFC4282: The Network Access Identifier.
• RFC4294: IPv6 Node Requirements.
• RFC4297: Remote Direct Memory Access (RDMA) over IP Problem Statement.
• RFC4301: Security Architecture for the Internet Protocol.
• RFC4306: Internet Key Exchange (IKEv2) Protocol.
• RFC4308: Cryptographic Suites for IPsec.
• RFC4312: The Camellia Cipher Algorithm and Its Use With IPsec.
• RFC4322: Opportunistic Encryption using the Internet Key Exchange (IKE).
• RFC4340: Datagram Congestion Control Protocol (DCCP).
• RFC4347: Datagram Transport Layer Security.
• RFC4409: Message Submission for Mail.
• RFC4443: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification.
• RFC4513: Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms.
• RFC4555: IKEv2 Mobility and Multihoming Protocol (MOBIKE).
• RFC4607: Source-Specific Multicast for
• RFC4621: Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol.
• RFC4656: A One-way Active Measurement Protocol (OWAMP).
• RFC4718: IKEv2 Clarifications and Implementation Guidelines.