ABSTRACT
The IP Security Protocol Working Group (IPSec) was formed by the Internet Engineering Task Force
(IETF) in 1992 to develop a standardized method for implementing privacy and authentication services
on IP version 4 and the emerging version 6 protocols. There were several specific goals in mind. First, for
the architecture to be widely adopted, it would have to be flexible: it must be able to accommodate changes
in cryptographic technology as well as the international restrictions on cryptographic use. Second, the
architecture must support all the client IP protocols (i.e., Transmission Control Protocol or TCP, User
Datagram Protocol or UDP) in standard or cast (i.e., multicast) modes. Third, it must be able to secure
communications between two hosts or multiple hosts, two subnets or multiple subnets, or a combination
of hosts and subnets. Finally, there had to be a method for automatically distributing the cryptographic
keys. This chapter will cover the key features of the IPSec security architecture, its major components,
and the minimum mandatory requirements for compliance.