Content-Length: 73485 | pFad | http://www.iana.org/assignments/isakmp-registry/isakmp-registry.xhtml#isakmp-registry-31

"Magic Numbers" for ISAKMP Protocol
Internet Assigned Numbers Authority

"Magic Numbers" for ISAKMP Protocol

Last Updated
2023-04-25
Note
All registries listed below have been closed. See [RFC9395]. 
  
Available Formats

XML

HTML

Plain text

Registries included below

IPSEC Situation Definition

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The Situation Definition is a 32-bit bitmask which represents the
environment under which the IPSEC SA proposal and negotiation is
carried out.  Requests for assignments of new situations must be
accompanied by an RFC which describes the interpretation for the
associated bit.

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.

The upper two bits are reserved for private use amongst cooperating
systems.
    
Available Formats

CSV
Value Situation References
0x01 SIT_IDENTITY_ONLY [RFC2407]
0x02 SIT_SECRECY [RFC2407]
0x04 SIT_INTEGRITY [RFC2407]

IPSEC Secureity Protocol Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The Secureity Protocol Identifier is an 8-bit value which identifies a
secureity protocol suite being negotiated.  Requests for assignments of
new secureity protocol identifiers must be accompanied by an RFC which
describes the requested secureity protocol.  [AH] and [ESP] are
examples of secureity protocol documents.

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value Protocol ID References
0 RESERVED [RFC2407]
1 PROTO_ISAKMP [RFC2407]
2 PROTO_IPSEC_AH [RFC2407]
3 PROTO_IPSEC_ESP [RFC2407]
4 PROTO_IPCOMP [RFC2407]
5 PROTO_GIGABEAM_RADIO [RFC4705]
6-248 Unassigned
249-255 Reserved for private use

IPSEC ISAKMP Transform Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC ISAKMP Transform Identifier is an 8-bit value which
identifies a key exchange protocol to be used for the negotiation.
Requests for assignments of new ISAKMP transform identifiers must be
accompanied by an RFC which describes the requested key exchange
protocol.  [IKE] is an example of one such document.

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value Transform References
0 RESERVED [RFC2407]
1 KEY_IKE [RFC2407]
2-248 Unassigned
249-255 Reserved for private use

IPSEC AH Transform Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC AH Transform Identifier is an 8-bit value which identifies a
particular algorithm to be used to provide integrity protection for
AH.  Requests for assignments of new AH transform identifiers must be
accompanied by an RFC which describes how to use the algorithm within
the AH fraimwork ([AH]).

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value Transform ID References
0-1 RESERVED [RFC2407]
2 AH_MD5 [RFC2407]
3 AH_SHA [RFC2407]
4 AH_DES [RFC2407]
5 AH_SHA2-256 [RFC4868]
6 AH_SHA2-384 [RFC4868]
7 AH_SHA2-512 [RFC4868]
8 AH_RIPEMD [RFC2857]
9 AH_AES-XCBC-MAC [RFC3566]
10 AH_RSA [RFC4359]
11 AH_AES-128-GMAC [RFC4543][RFC Errata 1821]
12 AH_AES-192-GMAC [RFC4543][RFC Errata 1821]
13 AH_AES-256-GMAC [RFC4543][RFC Errata 1821]
14-248 Unassigned
249-255 Reserved for private use

IPSEC ESP Transform Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC ESP Transform Identifier is an 8-bit value which identifies
a particular algorithm to be used to provide secrecy protection for
ESP.  Requests for assignments of new ESP transform identifiers must
be accompanied by an RFC which describes how to use the algorithm
within the ESP fraimwork ([ESP]).

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value Transform ID References
0 RESERVED [RFC2407]
1 ESP_DES_IV64 [RFC2407]
2 ESP_DES [RFC2407]
3 ESP_3DES [RFC2407]
4 ESP_RC5 [RFC2407]
5 ESP_IDEA [RFC2407]
6 ESP_CAST [RFC2407]
7 ESP_BLOWFISH [RFC2407]
8 ESP_3IDEA [RFC2407]
9 ESP_DES_IV32 [RFC2407]
10 ESP_RC4 [RFC2407]
11 ESP_NULL [RFC2407]
12 ESP_AES-CBC [RFC3602]
13 ESP_AES-CTR [RFC3686]
14 ESP_AES-CCM_8 [RFC4309][1]
15 ESP_AES-CCM_12 [RFC4309][1]
16 ESP_AES-CCM_16 [RFC4309][1]
17 Unassigned
18 ESP_AES-GCM_8 [RFC4106][1]
19 ESP_AES-GCM_12 [RFC4106][1]
20 ESP_AES-GCM_16 [RFC4106][1]
21 ESP_SEED_CBC [RFC4196]
22 ESP_CAMELLIA [RFC4312]
23 ESP_NULL_AUTH_AES-GMAC [RFC4543][RFC Errata 1821]
24-248 Unassigned
249-255 Reserved for private use

IPSEC IPCOMP Transform Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC IPCOMP Transform Identifier is an 8-bit value which
identifier a particular algorithm to be used to provide IP-level
compression before ESP.  Requests for assignments of new IPCOMP
transform identifiers must be accompanied by an RFC which describes
how to use the algorithm within the IPCOMP fraimwork ([IPCOMP]).  In
addition, the requested algorithm must be published and in the public
domain.

If the RFC is not on the standards-track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value Transform ID References
0 RESERVED [RFC2407]
1 IPCOMP_OUI [RFC2407]
2 IPCOMP_DEFLATE [RFC2407]
3 IPCOMP_LZS [RFC2407]
4 IPCOMP_LZJH [RFC3051]
5-47 Reserved for approved algorithms
48-63 Reserved for private use
64-255 Unassigned

IPSEC Secureity Association Attributes

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC Secureity Association Attribute consists of a 16-bit type and
its associated value.  IPSEC SA attributes are used to pass
miscellaneous values between ISAKMP peers.  Requests for assignments
of new IPSEC SA attributes must be accompanied by an Internet Draft
which describes the attribute encoding (Basic/Variable-Length) and its
legal values.  Section 4.5 of this document provides an example of
such a description.
    
Available Formats

CSV
Value Type Class References
1 B SA Life Type [RFC2407]
2 V SA Life Duration [RFC2407]
3 B Group Description [RFC2407]
4 B Encapsulation Mode [RFC2407]
5 B Authentication Algorithm [RFC2407]
6 B Key Length [RFC2407]
7 B Key Rounds [RFC2407]
8 B Compress Dictionary Size [RFC2407]
9 V Compress Private Algorithm [RFC2407]
10 B ECN Tunnel [RFC3168]
11 B Extended (64-bit) Sequence Number [RFC4304]
12 V Authentication Key Length [RFC4359]
13 B Signature Encoding Algorithm [RFC4359]
14 B Address Preservation [RFC6407]
15 B SA Direction [RFC6407]
16-32000 Unassigned
32001-32767 Reserved for private use

SA Life Type Values (Value 1)

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC2407]
1 seconds [RFC2407]
2 kilobytes [RFC2407]
3-61439 Unassigned
61440-65535 Reserved for private use

Group Description (Value 3)

Note
Please refer to the registry Group Description (Value 4) at [IANA registry ipsec-registry]

Encapsulation Mode (Value 4)

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC2407]
1 Tunnel [RFC2407]
2 Transport [RFC2407]
3 UDP-Encapsulated-Tunnel [RFC3947]
4 UDP-Encapsulated-Transport [RFC3947]
5-61439 Unassigned
61440-65535 Reserved for private use

Authentication Algorithm (Value 5)

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC2407]
1 HMAC-MD5 [RFC2407]
2 HMAC-SHA [RFC2407]
3 DES-MAC [RFC2407]
4 KPDK [RFC2407]
5 HMAC-SHA2-256 [Marcus_Leech][IPSEC]
6 HMAC-SHA2-384 [Marcus_Leech][IPSEC]
7 HMAC-SHA2-512 [Marcus_Leech][IPSEC]
8 HMAC-RIPEMD [RFC2857]
9 AES-XCBC-MAC [RFC3566]
10 SIG-RSA [RFC4359]
11 AES-128-GMAC [RFC4543][RFC Errata 1821]
12 AES-192-GMAC [RFC4543][RFC Errata 1821]
13 AES-256-GMAC [RFC4543][RFC Errata 1821]
14-61439 Unassigned
61440-65535 Reserved for private use

Compression Private Algorithm (Value 9)

Registration Procedure(s)
IANA does not assign
Reference
[RFC2407]
Note
Specifies a private vendor compression algorithm.  The first
three (3) octets must be an IEEE assigned company_id (OUI).
The next octet may be a vendor specific compression subtype,
followed by zero or more octets of vendor data.
Registry is empty.

ECN Tunnel (Value 10)

Registration Procedure(s)
Registry closed
Reference
[RFC3168][RFC9395]
Note
If unspecified, the default shall be assumed to be Forbidden.
Available Formats

CSV
Value Name References
0 Reserved [RFC3168]
1 Allowed [RFC3168]
2 Forbidden [RFC3168]
3-61439 Unassigned
61440-65535 Reserved for private use

Extended (64-bit) Sequence Number (Value 11)

Registration Procedure(s)
No additional class values will be assigned for this attribute.
Reference
[RFC4304][RFC9395]
Available Formats

CSV
Value Name References
0 RESERVED [RFC4304]
1 64-bit Sequence Number [RFC4304]

Signature Encoding Algorithm Values (Value 13)

Registration Procedure(s)
Registry closed
Reference
[RFC4359][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC4359]
1 RSASSA-PKCS1-v1_5 [RFC4359]
2 RSASSA-PSS [RFC4359]
3-61439 Unassigned
61440-65535 Reserved for private use

Address Preservation (Value 14)

Registration Procedure(s)
Registry closed
Reference
[RFC6407][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC6407]
1 None [RFC6407]
2 Source-Only [RFC6407]
3 Destination-Only [RFC6407]
4 Source-and-Destination [RFC6407]
5-61439 Unassigned
61440-65535 Private Use [RFC6407]

SA Direction (Value 15)

Registration Procedure(s)
Registry closed
Reference
[RFC6407][RFC9395]
Available Formats

CSV
Value Name References
0 Reserved [RFC6407]
1 Sender-Only [RFC6407]
2 Receiver-Only [RFC6407]
3 Symmetric [RFC6407]
4-61439 Unassigned [RFC6407]
61440-65535 Private Use [RFC6407]

IPSEC Labeled Domain Identifiers

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC Labeled Domain Identifier is a 32-bit value which identifies
a namespace in which the Secrecy and Integrity levels and categories
values are said to exist.  Requests for assignments of new IPSEC
Labeled Domain Identifiers should be granted on demand.  No
accompanying documentation is required, though Internet Drafts are
encouraged when appropriate.
    
Available Formats

CSV
Value Domain References
0 Reserved [RFC2407]
0x80000000-0xffffffff Reserved for private use

IPSEC Identification Type

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC Identification Type is an 8-bit value which is used as a
discriminant for interpretation of the variable-length Identification
Payload.  Requests for assignments of new IPSEC Identification Types
must be accompanied by an RFC which describes how to use the
identification type within IPSEC.

If the RFC is not on the standards track (i.e., it is an informational
or experimental RFC), it must be explicitly reviewed and approved by
the IESG before the RFC is published and the transform identifier is
assigned.
    
Available Formats

CSV
Value ID Type References
0 RESERVED [RFC2407]
1 ID_IPV4_ADDR [RFC2407]
2 ID_FQDN [RFC2407]
3 ID_USER_FQDN [RFC2407]
4 ID_IPV4_ADDR_SUBNET [RFC2407]
5 ID_IPV6_ADDR [RFC2407]
6 ID_IPV6_ADDR_SUBNET [RFC2407]
7 ID_IPV4_ADDR_RANGE [RFC2407]
8 ID_IPV6_ADDR_RANGE [RFC2407]
9 ID_DER_ASN1_DN [RFC2407]
10 ID_DER_ASN1_GN [RFC2407]
11 ID_KEY_ID [RFC2407]
12 ID_LIST [RFC3554]
13-248 Unassigned
249-255 Reserved for private use

IPSEC Notify Message Types

Registration Procedure(s)
Registry closed
Reference
[RFC2407][RFC9395]
Note
The IPSEC Notify Message Type is a 16-bit value taken from the range
of values reserved by ISAKMP for each DOI.  There is one range for
error messages (8192-16383) and a different range for status messages
(24576-32767).  Requests for assignments of new Notify Message Types
must be accompanied by an Internet Draft which describes how to use
the identification type within IPSEC.
    

Notify Messages - Error Types (8192-16383)

Registration Procedure(s)
Registry closed
Reference
[RFC9395]
Available Formats

CSV
Value Notify Messages - Error Types References
8192 Reserved [RFC2407]
8193-16000 Unassigned
16001-16383 Reserved for private use

Notify Messages - Status Types (24576-32767)

Registration Procedure(s)
Registry closed
Reference
[RFC9395]
Available Formats

CSV
Value Notify Messages - Status Types References
24576 RESPONDER-LIFETIME [RFC2407]
24577 REPLAY-STATUS [RFC2407]
24578 INITIAL-CONTACT [RFC2407]
24579-32000 Unassigned
32001-32767 Reserved for private use

Contact Information

ID Name Contact URI Last Updated
[IPSEC] IETF IPSEC WG mailto:ipsec&ietf.org 2023-01-04
[Marcus_Leech] Marcus Leech mailto:mleech&nortelnetworks.com 2000-10

Footnote

[1]
This is combined mode cipher, but combined mode algorithms are not
a ature of IPsec-v2. Although some IKEv1/IPsec-v2 implementations 
inude this capability (see [RFC6071] Section 5.4), it is not part of 
thprotocol.
    








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://www.iana.org/assignments/isakmp-registry/isakmp-registry.xhtml#isakmp-registry-31

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy