Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)
RFC 4309

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    ipsec mailing list <ipsec@ietf.org>, 
    ipsec chair <ipsec-chairs@tools.ietf.org>
Subject: Protocol Action: 'Using AES CCM Mode With IPsec ESP' to 
         Proposed Standard 

The IESG has approved the following document:

- 'Using AES CCM Mode With IPsec ESP '
   <draft-ietf-ipsec-ciph-aes-ccm-06.txt> as a Proposed Standard

This document is the product of the IP Security Protocol Working Group. 

The IESG contact persons are Steve Bellovin and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsec-ciph-aes-ccm-06.txt

This document describes how to use CCM encryption with IPsec's ESP.
CCM itself is described elswhere; however, a number of details must be 
provided to  use it, and in particular to use it securely.

There was considerable debate over two points: should CCM -- a variant on 
counter mode -- exist at all, due to security challenges posed by counter 
mode, and should the ESP sequence number be used as an initialization 
vector. Both items are discussed and resolved satisfactorily in the document

Steven M. Bellovin reviewed this document for the IESG.