A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF.
Title : Wrapped ESP for Traffic Visibility
Author(s) : K. Grewal, et al.
Filename : draft-ietf-ipsecme-traffic-visibility-09.txt
Pages : 15
Date : 2009-10-07
This document describes the Wrapped Encapsulating Security
Payload (WESP) protocol, which builds on the Encapsulating
Security Payload (ESP) [RFC4303], and is designed to allow
intermediate devices to (1) ascertain if data confidentiality is
being employed within ESP and if not, (2) inspect the IPsec
packets for network monitoring and access control functions.
Currently in the IPsec ESP standard, there is no way to
differentiate between encrypted and unencrypted payloads by
simply examining a packet. This poses certain challenges to the
intermediate devices that need to deep inspect the packet before
making a decision on what should be done with that packet
(Inspect and/or Allow/Drop). The mechanism described in this
document can be used to easily disambiguate integrity-only ESP
from ESP-encrypted packets, without compromising on the security
provided by ESP.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-traffic-visibility-09.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipsecme-traffic-visibility-09.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt