
Security Architecture for the Internet Protocol (RFC4301)

IP.com Disclosure Number: IPCOM000132535D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-21

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Kent: AUTHOR [+2]

Abstract

This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401 (November 1998).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 1% of the total text.

Network Working Group                                            S. Kent
Request for Comments: 4301                                        K. Seo
Obsoletes: 2401                                         BBN Technologies
Category: Standards Track                                  December 2005


            Security Architecture for the Internet Protocol

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes an updated version of the "Security
   Architecture for IP", which is designed to provide security services
   for traffic at the IP layer.  This document obsoletes RFC 2401
   (November 1998).

Dedication

   This document is dedicated to the memory of Charlie Lynn, a long-time
   senior colleague at BBN, who made very significant contributions to
   the IPsec documents.

Kent & Seo                  Standards Track                     [Page 1]
RFC 4301              Security Architecture for IP         December 2005


Table of Contents

   1. Introduction
      1.1. Summary of Contents of Document
      1.2. Audience
      1.3. Related Documents
   2. Design Objectives
      2.1. Goals/Objectives/Requirements/Problem Description
      2.2. Caveats and Assumptions
   3. System Overview
      3.1. What IPsec Does
      3.2. How IPsec Works
      3.3. Where IPsec Can Be Implemented
   4. Security Associations
      4.1. Definition and Scope
      4.2. SA Functionality
      4.3. Combining SAs
      4.4. Major IPsec Databases
           4.4.1. The Security Policy Database (SPD)
                  4.4.1.1. Selectors