更新时间:2023-06-20 GMT+08:00

参考标准和协议

与VPN相关的参考标准与协议如下:

  • RFC 2403: The Use of HMAC-MD5-96 within ESP and AH
  • RFC 2404: The Use of HMAC-SHA-1-96 within ESP and AH
  • RFC 2409: The Internet Key Exchange (IKE)
  • RFC 2451: The ESP CBC-Mode Cipher Algorithms
  • RFC 3526: More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
  • RFC 3566: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
  • RFC 3602: The AES-CBC Cipher Algorithm and Its Use with IPsec
  • RFC 3664: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)
  • RFC 4106: The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)
  • RFC 4109: Algorithms for Internet Key Exchange version 1 (IKEv1)
  • RFC 4434: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)
  • RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
  • RFC 4301: Security Architecture for the Internet Protocol
  • RFC 4302: IP Authentication Header
  • RFC 4303: IP Encapsulating Security Payload (ESP)
  • RFC 4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)
  • RFC 4306: Internet Key Exchange (IKEv2)Protocol
  • RFC 4307: Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
  • RFC 4308: Cryptographic Suites for IPsec
  • RFC 5282: Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol
  • RFC 6989: Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2)
  • RFC 7296: Internet Key Exchange Protocol Version 2 (IKEv2)
  • RFC 7321: Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)
  • RFC 8247: Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2)
  • RFC 3947: Negotiation of NAT-Traversal in the IKE
  • RFC 3948: UDP Encapsulation of IPsec ESP Packets
  • RFC 3706: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers
  • RFC 4271: A Border Gateway Protocol 4 (BGP-4)