Skip to main content

Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)
RFC 3686

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    ipsec mailing list <>, 
    ipsec chair <>
Subject: Protocol Action: 'Using AES Counter Mode With IPsec 
         ESP' to Proposed Standard 

The IESG has approved the following document:

- 'Using AES Counter Mode With IPsec ESP '
   <draft-ietf-ipsec-ciph-aes-ctr-06.txt> as a Proposed Standard

This document is the product of the IP Security Protocol Working Group. 

The IESG contact persons are Steve Bellovin and Tim Polk.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

This is a new cipher description for IPsec.  In particular, it describes how to 
use AES in counter mode within the ESP framework.  Counter mode is especially 
useful for very high speed implementations, since it can be parallelized very 
easily.  Counter mode is easily misused; however, this draft contains adequate 
warnings, cautions, and requirements to prevent such misue.

Working Group Summary

There was strong working group consensus to advance this document and it has a 
significant pull from the community, including groups that need high-speed IPsec.

Protocol Quality

This document was reviewed for the IESG by Steve Bellovin.

RFC Editor Note