Security Architecture for the Internet Protocol (RFC2401)

IP.com Disclosure Number: IPCOM000002976D
Original Publication Date: 1998-Nov-01
Included in the Prior Art Database: 2000-Sep-13

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Kent: AUTHOR [+2]

Abstract

1.1 Summary of Contents of Document

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 2% of the total text.

Network Working Group                                            S. Kent
Request for Comments: 2401                                      BBN Corp
Obsoletes: 1825                                              R. Atkinson
Category: Standards Track                                  @Home Network
                                                           November 1998

Security Architecture for the Internet Protocol

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1998). All Rights Reserved.

Table of Contents

1. Introduction
   1.1 Summary of Contents of Document
   1.2 Audience
   1.3 Related Documents
2. Design Objectives
   2.1 Goals/Objectives/Requirements/Problem Description
   2.2 Caveats and Assumptions
3. System Overview
   3.1 What IPsec Does
   3.2 How IPsec Works
   3.3 Where IPsec May Be Implemented
4. Security Associations
   4.1 Definition and Scope
   4.2 Security Association Functionality
   4.3 Combining Security Associations
   4.4 Security Association Databases
      4.4.1 The Security Policy Database (SPD)
      4.4.2 Selectors
      4.4.3 Security Association Database (SAD)
   4.5 Basic Combinations of Security Associations
   4.6 SA and Key Management
      4.6.1 Manual Techniques
      4.6.2 Automated SA and Key Management
      4.6.3 Locating a Security Gateway
   4.7 Security Associations and Multicast <...