security
Click on the red underlined text to get to the source
... scenarios that can be addressed by IPsec and assumptions made by this
document for successful IPsec Security Association (SA)
establishment. Section 5 gives the details of Internet Key Exchange ...
... IPsec) exchange with packet formats and
Security Policy Database (SPD) entries. Section 6 gives
recommendations. Appendices further discuss tunnel mode ...
... some form of opportunistic encryption or "better-than-nothing
security" might or might not be applicable. Similarly, propagating
quality-of-service attributes (apart from Explicit Congestion
Notification ...
...
This memo proposes using IPsec for providing stronger security in
preventing these threats and additionally providing integrity,
...
... IPsec transform (e.g., ESP) and then matches the packet against
the Security Parameter Index (SPI) and the inbound selectors
associated with the SA ...
... This section discusses the different versions of the IKE and IPsec
security architecture and their applicability to this document.
...
... architecture and their applicability to this document.
The IPsec security architecture was previously defined in [RFC2401]
...
... Security Considerations ...
... spoofing the
source address (data plane security), or if the tunnel is signaled
somehow (e.g., using authentication protocol ...
... IPsec framework plays an important role in adding security to
both the protocol for tunnel setup and data traffic ...
... access control mechanisms through the distribution of
keys and also through the application of policies dictated by the
Security Policy Database (SPD).
...
... Kent, S. and R. Atkinson, "Security Architecture for the Internet Protocol", RFC 2401(-> 4301prop), November 1998. ...
... Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301prop, December 2005. ...
... IP addresses frequently. However, as the outer address may
change, this might introduce new security issues, and using
tunnel mode would be most appropriate.
...