The Use of RSA Signatures within ESP and AH

Document Type Replaced Internet-Draft (individual)
Last updated 2010-04-08 (latest revision 2003-08-07)
Replaced by draft-ietf-msec-ipsec-signatures
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html
Stream Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-msec-ipsec-signatures
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This memo describes the use of the RSA Signature algorithm [RSA] as an authentication algorithm within the revised IPSEC Encapsulating Security Payload [ESP] and the revised IPSEC Authentication Header [AH]. The use of a digital signature algorithm such as RSA provides origin authentication, even when ESP and AH are used to secure group data flows. Further information on the other components necessary for ESP and AH implementations is provided by [ROADMAP].


Brian Weis (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)