The Use of RSA/SHA-1 Signatures within Encapsulating Security Payload (ESP) and Authentication Header (AH)
RFC 4359
Approval announcement
Draft of message to be sent after approval:
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>,
    msec mailing list <msec@ietf.org>,
    msec chair <msec-chairs@tools.ietf.org>
Subject: Protocol Action: 'The Use of RSA/SHA-1 Signatures within ESP and AH' to Proposed Standard

The IESG has approved the following document:

- 'The Use of RSA/SHA-1 Signatures within ESP and AH'
  <draft-ietf-msec-ipsec-signatures-07.txt> as a Proposed Standard

This document is the product of the Multicast Security Working Group.

The IESG contact persons are Russ Housley and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-msec-ipsec-signatures-07.txt

Technical Summary

This document describes the use of the RSA Digital Signature algorithm as an authentication algorithm within the revised IPsec Encapsulating Security Payload (ESP) and the revised IPsec Authentication Header (AH). The use of a digital signature algorithm, such as RSA, provides data origin authentication in applications when a secret key method, like HMAC, does not provide this property. One example is the use of ESP and AH to authenticate the sender of an IP multicast packet.

Working Group Summary

The MSEC Working Group reached consensus on this document.

Protocol Quality

This document was reviewed by Russ Housley and Sam Hartman for the IESG.