[IPsec] Document Action: 'Heuristics for Detecting ESP-NULL packets' to Informational RFC

The IESG <iesg-secretary@ietf.org> Tue, 23 March 2010 15:41 UTC

Return-Path: <wwwrun@core3.amsl.com>
X-Original-To: ipsec@ietf.org
Delivered-To: ipsec@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 30) id D669F3A6C41; Tue, 23 Mar 2010 08:41:03 -0700 (PDT)
X-idtracker: yes
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <20100323154103.D669F3A6C41@core3.amsl.com>
Date: Tue, 23 Mar 2010 08:41:03 -0700 (PDT)
Cc: ipsecme mailing list <ipsec@ietf.org>, ipsecme chair <ipsecme-chairs@tools.ietf.org>, Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: [IPsec] Document Action: 'Heuristics for Detecting ESP-NULL packets' to Informational RFC
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2010 15:41:04 -0000

The IESG has approved the following document:

- 'Heuristics for Detecting ESP-NULL packets '
   <draft-ietf-ipsecme-esp-null-heuristics-07.txt> as an Informational RFC

This document is the product of the IP Security Maintenance and Extensions Working Group. 

The IESG contact persons are Pasi Eronen and Tim Polk.

A URL of this Internet-Draft is:

Technical Summary

   This document describes a set of heuristics for distinguishing
   IPsec ESP-null (Encapsulating Security Payload without encryption)
   packets from encrypted ESP packets. These heuristics can be used on
   intermediate devices, such as traffic analyzers and deep inspection
   engines, to quickly decide whether given packet flow is interesting
   or not. Use of these heuristics does not require any changes made
   on existing RFC 4303 compliant IPsec hosts.

Working Group Summary

   Early on there was prolonged WG discussion about the relative
   merits of the Wrapped ESP solution for identifying ESP-null
   traffic, compared to heuristic methods for traffic
   inspection. Eventually the WG reached consensus on the usefulness
   of having both solutions published, with the heuristics solution
   targeted for the interim period until WESP is widely deployed. This
   consensus is documented in both protocol documents.

Document Quality

   Currently, there are no known implementations.


   The document shepherd is Yaron Sheffer, and the responsible
   area director is Pasi Eronen.