RFC 7321

Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH), August 2014

Canonical URL:
https://www.rfc-editor.org/rfc/rfc7321.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Obsoletes:
RFC 4835
Authors:
D. McGrew
P. Hoffman
Stream:
IETF
Source:
ipsecme (sec)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC7321

Discuss this RFC: Send questions or comments to ipsec@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document updates the Cryptographic Algorithm Implementation Requirements for the Encapsulating Security Payload (ESP) and Authentication Header (AH). It also adds usage guidance to help in the selection of these algorithms. ESP and AH protocols make use of various cryptographic algorithms to provide confidentiality and/or data origin authentication to protected data communications in the IP Security (IPsec) architecture. To ensure interoperability between disparate implementations, the IPsec standard specifies a set of mandatory-to- implement algorithms. This document specifies the current set of mandatory-to-implement algorithms for ESP and AH, specifies algorithms that should be implemented because they may be promoted to mandatory at some future time, and also recommends against the implementation of some obsolete algorithms. Usage guidance is also provided to help the user of ESP and AH best achieve their security goals through appropriate choices of cryptographic algorithms.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×