Protocol Action: 'The Use of Galois/Counter Mode (GCM) in IPsec ESP' to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The IESG has approved the following document:

- 'The Use of Galois/Counter Mode (GCM) in IPsec ESP '
   <draft-ietf-ipsec-ciph-aes-gcm-00.txt> as a Proposed Standard

This document is the product of the IP Security Protocol Working Group. 

The IESG contact persons are Russ Housley and Steve Bellovin.

Technical Summary

  This document describes the use of the Advanced Encryption Standard
  (AES) in Galois/Counter Mode (GCM) as an IPsec Encapsulating Security
  Payload (ESP) mechanism to provide confidentiality and data origin
  authentication.

Working Group Summary

  The IPsec Working Group reviewed this document, but it is progressing
  as an Individual submission.  All of the comments provided by IPsec
  Working Group participants were supportive.

Protocol Quality

  This document was reviewed by Russ Housley for the IESG.

RFC Editor Note

  In the first paragraph of section 1, please change "IPSec" to "IPsec"
  to use the normal spelling.

  OLD:

   This document describes the use of AES in GCM mode (AES-GCM) as an
   IPSec ESP mechanism ...

  NEW:

   This document describes the use of AES in GCM mode (AES-GCM) as an
   IPsec ESP mechanism ...

  Replace section 8.3.

  OLD:

   For IKE Phase 2 negotiations, IANA has assigned <TBD> as the ESP
   Transform Identifier for AES-GCM with an eight-byte explicit IV.

  NEW:

   For IKE Phase 2 negotiations, IANA has assigned four ESP Transform
   Identifiers for AES-GCM with an eight-byte explicit IV:

      <TBD1> for AES-GCM with a 4 octet ICV;
      <TBD2> for AES-GCM with an 8 octet ICV;
      <TBD3> for AES-GCM with a 12 octet ICV; and
      <TBD4> for AES-GCM with a 16 octet ICV.

  Replace section 12.

  OLD:

   Currently, no ESP transform numbers have been assigned for use with
   the AES-GCM transform.

  NEW:

   IANA has assigned four ESP Transform Identifiers for AES-GCM with
   an eight-byte explicit IV:

      <TBD1> for AES-GCM with a 4 octet ICV;
      <TBD2> for AES-GCM with an 8 octet ICV;
      <TBD3> for AES-GCM with a 12 octet ICV; and
      <TBD4> for AES-GCM with a 16 octet ICV.


_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux