RFC 1038 Draft Revised IP Security Option January 1988 9.3.15.3 DoD Basic Security. Option type: 130 Option length: variable; minimum length: 4 The option identifies the U.S. security level to which the datagram is to be protected, and the accrediting authorities whose protection rules apply to each datagram. The option is used by accredited trusted components of an internet to: a. Validate the datagram as appropriate for transmission from the source. b. Guarantee that the route taken by the datagram (including the destination) is protected to the level required by all indicated accrediting authorities. c. Supply common label information required by computer security models. This option must be copied on fragmentation. This option appears at most once in a datagram. The format of this option is as follows: +--------------+-----------+-------------+-------------//----------+ | 10000010 | XXXXXXXX | SSSSSSSS | AAAAAAA[1] AAAAAAA0 | | | | | [0] | +--------------+-----------+-------------+-------------//----------+ TYPE = 130 LENGTH CLASSIFICATION PROTECTION VARIABLE PROTECTION AUTHORITY LEVEL FLAGS FIGURE 10-A. SECURITY OPTION FORMAT 9.3.15.3.1 Length. The length of the option is variable. The minimum length option is 4. 9.3.15.3.2 Classification Protection Level. This field specifies the U.S. classification level to which the datagram should be protected. The information in the datagram should be assumed to be at this level until and unless it is regraded in accordance with the procedures of all indicated protecting St. Johns