The Use of RSA/SHA-1 Signatures within Encapsulating Security Payload (ESP) and Authentication Header (AH)
RFC 4359

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    msec mailing list <>, 
    msec chair <>
Subject: Protocol Action: 'The Use of RSA/SHA-1 Signatures 
         within ESP and AH' to Proposed Standard 

The IESG has approved the following document:

- 'The Use of RSA/SHA-1 Signatures within ESP and AH '
   <draft-ietf-msec-ipsec-signatures-07.txt> as a Proposed Standard

This document is the product of the Multicast Security Working Group. 

The IESG contact persons are Russ Housley and Tim Polk.

A URL of this Internet-Draft is:

Technical Summary

  This document describes the use of the RSA Digital Signature algorithm
  as an authentication algorithm within the revised IPsec Encapsulating
  Security Payload (ESP) and the revised IPsec Authentication Header
  (AH).  The use of a digital signature algorithm, such as RSA, provides
  data origin authentication in applications when a secret key method,
  like HMAC, does not provide this property.  One example is the use of
  ESP and AH to authenticate the sender of an IP multicast packet.

Working Group Summary

  The MSEC Working Group reached consensus on this document.

Protocol Quality

  This document was reviewed by Russ Housley and Sam Hartman for the IESG.