draft-ietf-ipsecme-traffic-visibility-06.txt   draft-ietf-ipsecme-traffic-visibility-07.txt 
Network Working Group K. Grewal Network Working Group K. Grewal
Internet Draft Intel Corporation Internet Draft Intel Corporation
Intended status: Standards Track G. Montenegro Intended status: Standards Track G. Montenegro
Expires: February 06, 2010 Microsoft Corporation Expires: February 10, 2010 Microsoft Corporation
M. Bhatia M. Bhatia
Alcatel-Lucent Alcatel-Lucent
August 06, 2009 August 10, 2009
Wrapped ESP for Traffic Visibility Wrapped ESP for Traffic Visibility
draft-ietf-ipsecme-traffic-visibility-06.txt draft-ietf-ipsecme-traffic-visibility-07.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance This Internet-Draft is submitted to IETF in full conformance
with the provisions of BCP 78 and BCP 79. with the provisions of BCP 78 and BCP 79. This document may
contain material from IETF Documents or IETF Contributions
published or made publicly available before November 10, 2008.
The person(s) controlling the copyright in some of this material
may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards
Process. Without obtaining an adequate license from the
person(s) controlling the copyright in such materials, this
document may not be modified outside the IETF Standards Process,
and derivative works of it may not be created outside the IETF
Standards Process, except to format it for publication as an RFC
or to translate it into languages other than English.
Internet-Drafts are working documents of the Internet Internet-Drafts are working documents of the Internet
Engineering Task Force (IETF), its areas, and its working Engineering Task Force (IETF), its areas, and its working
groups. Note that other groups may also distribute working groups. Note that other groups may also distribute working
documents as Internet-Drafts. documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet- documents at any time. It is inappropriate to use Internet-
Drafts as reference material or to cite them other than as "work Drafts as reference material or to cite them other than as "work
in progress." in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on February 06, 2010. This Internet-Draft will expire on February 10, 2010.
Copyright Copyright
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license- publication of this document (http://trustee.ietf.org/license-
info). Please review these documents carefully, as they describe info). Please review these documents carefully, as they describe
skipping to change at page 2, line 24 skipping to change at page 2, line 35
encryption and ESP NULL encryption by simply examining a packet. encryption and ESP NULL encryption by simply examining a packet.
This poses certain challenges to the intermediate devices that This poses certain challenges to the intermediate devices that
need to deep inspect the packet before making a decision on what need to deep inspect the packet before making a decision on what
should be done with that packet (Inspect and/or Allow/Drop). The should be done with that packet (Inspect and/or Allow/Drop). The
mechanism described in this document can be used to easily mechanism described in this document can be used to easily
disambiguate ESP-NULL from ESP encrypted packets, without disambiguate ESP-NULL from ESP encrypted packets, without
compromising on the security provided by ESP. compromising on the security provided by ESP.
Table of Contents Table of Contents
1. Introduction...................................................2 1. Introduction...................................................3
1.1. Requirements Language.....................................4 1.1. Requirements Language.....................................4
1.2. Applicability Statement...................................4 1.2. Applicability Statement...................................4
2. Wrapped ESP (WESP) Header format...............................4 2. Wrapped ESP (WESP) Header format...............................5
2.1. UDP Encapsulation.........................................7 2.1. UDP Encapsulation.........................................7
2.2. Transport and Tunnel Mode Considerations..................8 2.2. Transport and Tunnel Mode Considerations..................8
2.2.1. Transport Mode Processing............................8 2.2.1. Transport Mode Processing............................8
2.2.2. Tunnel Mode Processing...............................9 2.2.2. Tunnel Mode Processing...............................9
2.3. IKE Considerations.......................................10 2.3. IKE Considerations.......................................10
3. Security Considerations.......................................11 3. Security Considerations.......................................11
4. IANA Considerations...........................................12 4. IANA Considerations...........................................12
5. Acknowledgments...............................................12 5. Acknowledgments...............................................12
6. References....................................................12 6. References....................................................12
6.1. Normative References.....................................12 6.1. Normative References.....................................12
 End of changes. 7 change blocks. 
7 lines changed or deleted 18 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/