[IPsec] I-D Action:draft-ietf-ipsecme-esp-null-heuristics-07.txt

Internet-Drafts@ietf.org Mon, 22 March 2010 16:15 UTC

Return-Path: <root@core3.amsl.com>
X-Original-To: ipsec@ietf.org
Delivered-To: ipsec@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 0) id 29DA33A69B0; Mon, 22 Mar 2010 09:15:01 -0700 (PDT)
From: Internet-Drafts@ietf.org
To: i-d-announce@ietf.org
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
Message-Id: <20100322161502.29DA33A69B0@core3.amsl.com>
Date: Mon, 22 Mar 2010 09:15:02 -0700 (PDT)
Cc: ipsec@ietf.org
Subject: [IPsec] I-D Action:draft-ietf-ipsecme-esp-null-heuristics-07.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2010 16:15:02 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF.

	Title           : Heuristics for Detecting ESP-NULL packets
	Author(s)       : T. Kivinen, D. McDonald
	Filename        : draft-ietf-ipsecme-esp-null-heuristics-07.txt
	Pages           : 37
	Date            : 2010-03-22

This document describes a set of heuristics for distinguishing IPsec
ESP-NULL (Encapsulating Security Payload without encryption) packets
from encrypted ESP packets.  These heuristics can be used on
intermediate devices, like traffic analyzers, and deep inspection
engines, to quickly decide whether given packet flow is encrypted or
not, i.e. whether it can be inspected or not.  Use of these
heuristics does not require any changes made on existing RFC4303
compliant IPsec hosts.

A URL for this Internet-Draft is:

Internet-Drafts are also available by anonymous FTP at:

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the