{"draft":"draft-ietf-ipsecme-traffic-visibility-12","doc_id":"RFC5840","title":"Wrapped Encapsulating Security Payload (ESP) for Traffic Visibility","authors":["K. Grewal","G. Montenegro","M. Bhatia"],"format":["ASCII","HTML"],"page_count":"15","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"IP Security Maintenance and Extensions","abstract":"This document describes the Wrapped Encapsulating Security\r\nPayload (WESP) protocol, which builds on the Encapsulating\r\nSecurity Payload (ESP) RFC 4303 and is designed to allow\r\nintermediate devices to (1) ascertain if data confidentiality is\r\nbeing employed within ESP, and if not, (2) inspect the IPsec\r\npackets for network monitoring and access control functions.\r\nCurrently, in the IPsec ESP standard, there is no deterministic\r\nway to differentiate between encrypted and unencrypted payloads\r\nby simply examining a packet.  This poses certain challenges to\r\nthe intermediate devices that need to deep inspect the packet\r\nbefore making a decision on what should be done with that packet\r\n(Inspect and\/or Allow\/Drop).  The mechanism described in this\r\ndocument can be used to easily disambiguate integrity-only ESP\r\nfrom ESP-encrypted packets, without compromising on the security\r\nprovided by ESP.  [STANDARDS-TRACK]","pub_date":"April 2010","keywords":["[--------]","wesp"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5840","errata_url":null}