Network Working Group                                        R. Atkinson
Request for Comments: 1827                     Naval Research Laboratory
Category: Standards Track                                    August 1995


                IP Encapsulating Security Payload (ESP)

Status of this Memo(RFC1661に同じ)

ABSTRACT

   This document describes the IP Encapsulating Security Payload (ESP).
   ESP is a mechanism for providing integrity and confidentiality to IP
   datagrams.  In some circumstances it can also provide authentication
   to IP datagrams.  The mechanism works with both IPv4 and IPv6.

1. INTRODUCTION

   ESP is a mechanism for providing integrity and confidentiality to IP
   datagrams.  It may also provide authentication, depending on which
   algorithm and algorithm mode are used.  Non-repudiation and
   protection from traffic analysis are not provided by ESP.  The IP
   Authentication Header (AH) might provide non-repudiation if used with
   certain authentication algorithms [Atk95b].  The IP Authentication
   Header may be used in conjunction with ESP to provide authentication.
   Users desiring integrity and authentication without confidentiality
   should use the IP Authentication Header (AH) instead of ESP.  This
   document assumes that the reader is familiar with the related
   document "IP Security Architecture", which defines the overall
   Internet-layer security architecture for IPv4 and IPv6 and provides
   important background for this specification [Atk95a].

1.1 Overview(以下，略)


REFERENCES

   [Atk95a] Atkinson, R., "Security Architecture for the Internet
            Protocol", RFC 1825, NRL, August 1995.

   [Atk95b] Atkinson, R., "IP Authentication Header", RFC 1826, NRL,
            August 1995.