IP Encapsulating Security Payload (ESP)

Document Type Expired Internet-Draft (ipsec WG)
Authors Stephen Kent  , Randall Atkinson 
Last updated 1997-03-28
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Encapsulating Security Payload (ESP) header is designed to provide a mix of optional security services in IPv4 and IPv6. ESP may be applied alone, in combination with the IP Authentication Header (AH) [KA97b], or in a nested fashion, e.g., through the use of tunnel mode (see below). Security services can be provided between a pair of communicating hosts, between a pair of communicating security gateways, or between a security gateway and a host. For more details on how to use ESP and AH in various network environments, see 'Security Architecture for the Internet Protocol' [KA97a].


Stephen Kent (kent@bbn.com)
Randall Atkinson (rja@extremenetworks.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)