Technical Summary
This document describes the use of the RSA Digital Signature algorithm
as an authentication algorithm within the revised IPsec Encapsulating
Security Payload (ESP) and the revised IPsec Authentication Header
(AH). The use of a digital signature algorithm, such as RSA, provides
data origin authentication in applications when a secret key method,
like HMAC, does not provide this property. One example is the use of
ESP and AH to authenticate the sender of an IP multicast packet.
Working Group Summary
The MSEC Working Group reached consensus on this document.
Protocol Quality
This document was reviewed by Russ Housley and Sam Hartman for the IESG.