A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF.
Title : Wrapped ESP for Traffic Visibility
Author(s) : M. Bhatia, K. Grewal, G. Montenegro
Filename : draft-ietf-ipsecme-traffic-visibility-03.txt
Pages : 14
Date : 2009-6-1
This document describes the Wrapped Encapsulating Security
Payload (WESP) protocol, which builds on top of Encapsulating
Security Payload (ESP) [RFC4303] and is designed to allow
intermediate devices to ascertain if ESP-NULL [RFC2410] is being
employed and hence inspect the IPsec packets for network
monitoring and access control functions. Currently in the IPsec
standard, there is no way to differentiate between ESP
encryption and ESP NULL encryption by simply examining a packet.
This poses certain challenges to the intermediate devices that
need to deep inspect the packet before making a decision on what
should be done with that packet (Inspect and/or Allow/Drop). The
mechanism described in this document can be used to easily
disambiguate ESP-NULL from ESP encrypted packets, without
compromising on the security provided by ESP.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-traffic-visibility-03.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipsecme-traffic-visibility-03.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt