Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC4739
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 4739
AbstractThe Internet Key Exchange (IKEv2) protocol supports several mechanisms for authenticating the parties, including signatures with public-key certificates, shared secrets, and Extensible Authentication Protocol (EAP) methods. Currently, each endpoint uses only one of these mechanisms to authenticate itself. This document specifies an extension to IKEv2 that allows the use of multiple authentication exchanges, using either different mechanisms or the same mechanism. This extension allows, for instance, performing certificate-based authentication of the client host followed by an EAP authentication of the user. When backend authentication servers are used, they can belong to different administrative domains, such as the network access provider and the service provider. This memo defines an Experimental Protocol for the Internet community.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4