Search RFCs
RFC 7321
Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH),August 2014
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoletes:
- RFC 4835
- Obsoleted by:
- RFC 8221
- Authors:
- D. McGrew
P. Hoffman - Stream:
- IETF
- Source:
- ipsecme (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC7321
Discuss this RFC: Send questions or comments to the mailing listipsec@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 7321
Abstract
This document updates the Cryptographic Algorithm ImplementationRequirements for the Encapsulating Security Payload (ESP) andAuthentication Header (AH). It also adds usage guidance to help inthe selection of these algorithms.
ESP and AH protocols make use of various cryptographic algorithms toprovide confidentiality and/or data origin authentication toprotected data communications in the IP Security (IPsec)architecture. To ensure interoperability between disparateimplementations, the IPsec standard specifies a set of mandatory-to-implement algorithms. This document specifies the current set ofmandatory-to-implement algorithms for ESP and AH, specifiesalgorithms that should be implemented because they may be promoted tomandatory at some future time, and also recommends against theimplementation of some obsolete algorithms. Usage guidance is alsoprovided to help the user of ESP and AH best achieve their securitygoals through appropriate choices of cryptographic algorithms.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.