rfc.4945 - The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX
10.08.2007
Abstract:
The Internet Key Exchange (IKE) and Public Key Infrastructure for
X.509 (PKIX) certificate profile both provide frameworks that must be
profiled for use in a given application. This document provides a
profile of IKE and PKIX that defines the requirements for using PKI
technology in the context of IKE/IPsec. The document complements
protocol specifications such as IKEv1 and IKEv2, which assume the
existence of public key certificates and related keying materials,
but which do not address PKI issues explicitly. This document
addresses those issues. The intended audience is implementers of PKI
for IPsec.