[Cfrg] request for review of IPsec ESP and AH Usage Guidance

David McGrew <mcgrew@cisco.com> Tue, 02 July 2013 14:31 UTC

Return-Path: <mcgrew@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id DF26721F9EE4 for <cfrg@ietfa.amsl.com>; Tue, 2 Jul 2013 07:31:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id qj9C3Gq3rSru for <cfrg@ietfa.amsl.com>; Tue, 2 Jul 2013 07:31:54 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com []) by ietfa.amsl.com (Postfix) with ESMTP id 75B9221F9EE1 for <cfrg@irtf.org>; Tue, 2 Jul 2013 07:31:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=634; q=dns/txt; s=iport; t=1372775514; x=1373985114; h=message-id:subject:from:to:cc:date:mime-version: content-transfer-encoding; bh=gKnWJahuNItLpIAD7i8X7ukrYfscOmbzTvvk4L9kZ3A=; b=mIJqtx5VTKtSpet2u6APlaZb7I3crW2mRxZnNOznbIgvTQwlNLaWCFGT Zw5Fd/WyrkRYPr3yNp+PyNRzkXl6VC09KworyffSGhlR7n8TGpCm7Wp7N WH+740g7rdG0WWBGwcHDkXZFJw6SIdmYI5bTI+LIpA71Zi74xBsfSv66v A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AjgFAKDi0lGtJV2a/2dsb2JhbABagwkyAYMIR7xGgQEWdIJNVjUCJgJfiCIMqmKRNoEmjjSCWIEaA5hyhHiLJIMtIA
X-IronPort-AV: E=Sophos;i="4.87,980,1363132800"; d="scan'208";a="230033343"
Received: from rcdn-core-3.cisco.com ([]) by rcdn-iport-4.cisco.com with ESMTP; 02 Jul 2013 14:31:54 +0000
Received: from [] (rtp-mcgrew-8912.cisco.com []) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id r62EVqV2019759 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Tue, 2 Jul 2013 14:31:53 GMT
Message-ID: <1372775511.3983.76.camel@darkstar>
From: David McGrew <mcgrew@cisco.com>
To: cfrg <cfrg@irtf.org>
Date: Tue, 02 Jul 2013 10:31:51 -0400
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.4.4-3
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>, "wajdi.k.feghali@intel.com" <wajdi.k.feghali@intel.com>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: [Cfrg] request for review of IPsec ESP and AH Usage Guidance
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jul 2013 14:31:59 -0000

Hello CFRG,

Yaron, Paul, Wajdi, and I are interested in your input on the "Usage
Guidance" section in "Cryptographic Algorithm Implementation
Requirements and Usage Guidance for Encapsulating Security Payload (ESP)
and Authentication Header (AH)".   This is an active standards-track
draft in the IPsec working group, which updates the ESP and AH algorithm
requirements (RFC 4835).  The usage guidance section is new, and it
offers advice on how to use ESP and AH to achieve cryptographic security

Quick link: