Browse Prior Art Database

Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH) (RFC7321) Disclosure Number: IPCOM000238401D
Original Publication Date: 2014-Aug-01
Included in the Prior Art Database: 2014-Aug-23
Document File: 22 page(s) / 26K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. McGrew: AUTHOR [+2]


The Encapsulating Security Payload (ESP) [RFC4303] and the Authentication Header (AH) [RFC4302] are the mechanisms for applying cryptographic protection to data being sent over an IPsec Security Association (SA) [RFC4301].

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 11% of the total text.

Internet Engineering Task Force (IETF)                         D. McGrew Request for Comments: 7321                                 Cisco Systems Obsoletes: 4835                                               P. Hoffman Category: Standards Track                                 VPN Consortium ISSN: 2070-1721                                              August 2014

  Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)


   This document updates the Cryptographic Algorithm Implementation    Requirements for the Encapsulating Security Payload (ESP) and    Authentication Header (AH).  It also adds usage guidance to help in    the selection of these algorithms.

   ESP and AH protocols make use of various cryptographic algorithms to    provide confidentiality and/or data origin authentication to    protected data communications in the IP Security (IPsec)    architecture.  To ensure interoperability between disparate    implementations, the IPsec standard specifies a set of mandatory-to-    implement algorithms.  This document specifies the current set of    mandatory-to-implement algorithms for ESP and AH, specifies    algorithms that should be implemented because they may be promoted to    mandatory at some future time, and also recommends against the    implementation of some obsolete algorithms.  Usage guidance is also    provided to help the user of ESP and AH best achieve their security    goals through appropriate choices of cryptographic algorithms.

   This document obsoletes RFC 4835.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at

 McGrew & Hoffman             Standards Track                    [Page 1]
 RFC 7321               Requirements for ESP and AH           August 2014

 Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    ( in effect on the date of    publication of this d...