This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 15 and 28 (spanning 13 versions)
Revision 15 as of 2006-03-29 13:33:12
Size: 911
Comment:
Revision 28 as of 2008-04-12 17:51:29
Size: 1524
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 7: Line 7:
The currently used version of IPsec (or more specifically IKE) is version 1, which is specified in RFCs
2401-2412 (plus some more).
 
Version 2 of IPsec is mainly described by the three following RFCs. Note though, that there are very few products that already implement IPsec version 2.
Line 8: Line 12:
Currently IPsec is mainly described by the three followings RFCs:  * [[http://www.ietf.org/rfc/rfc4301.txt|RFC4301]], Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.
Line 10: Line 14:
* RFC4301, Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.  * [[http://www.ietf.org/rfc/rfc4302.txt|RFC4302]], IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.
Line 12: Line 16:
* RFC4302, IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.  * [[http://www.ietf.org/rfc/rfc4303.txt|RFC4303]], IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD.
Line 14: Line 18:
* RFC4303, IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD. The Algorithms to use and their requirements are described in [[http://www.ietf.org/rfc/rfc4305.txt|RFC4305]]: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload ([[ESP]]) and Authentication Header ([[AH]]), D. Eastlake 3rd, December 2005, PROPOSED STANDARD.
Line 16: Line 20:
The Algorithms to use and their requirements are described in RFC4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), D. Eastlake 3rd, December 2005, PROPOSED STANDARD. You also may use some other Cryptographic Algorithms (have a look at the IANA for some other examples).
Line 18: Line 22:
You also may use some others Cryptographic Algorithm (have a look at the IANA for some other examples). == Wireshark ==
If linked with Libcrypt Wireshark provides some advanced features such as Decryption of ESP Payloads and/or Authentication Checking. see [[ESP_Preferences]]

Is this true for Win32? ''UlfLamping''

IPsec (Internet Protocol Security)

A set of protocols developed by the IETF to support secure exchange of packets at the IP layer.

IPsec Algorithms And Keys

The currently used version of IPsec (or more specifically IKE) is version 1, which is specified in RFCs 2401-2412 (plus some more).

Version 2 of IPsec is mainly described by the three following RFCs. Note though, that there are very few products that already implement IPsec version 2.

  • RFC4301, Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.

  • RFC4302, IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.

  • RFC4303, IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD.

The Algorithms to use and their requirements are described in RFC4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), D. Eastlake 3rd, December 2005, PROPOSED STANDARD.

You also may use some other Cryptographic Algorithms (have a look at the IANA for some other examples).

Wireshark

If linked with Libcrypt Wireshark provides some advanced features such as Decryption of ESP Payloads and/or Authentication Checking. see ESP_Preferences

Is this true for Win32? UlfLamping

IPsec (last edited 2008-04-12 17:51:29 by localhost)