RFC 1108 (rfc1108) - Page 1 of 17


U



Alternative Format: Original Text Document



Network Working Group                                            S. Kent
Request for Comments: 1108                            BBN Communications
Obsoletes: RFC 1038                                        November 1991


                       U.S. Department of Defense
               Security Options for the Internet Protocol


Status of this Memo

   This RFC specifies an IAB standards track protocol for the Internet
   community, and requests discussion and suggestions for improvements.
   Please refer to the current edition of the "IAB Official Protocol
   Standards" for the standardization state and status of this protocol.
   Distribution of this memo is unlimited.

Abstract

   This RFC specifies the U.S. Department of Defense Basic Security
   Option and the top-level description of the Extended Security Option
   for use with the Internet Protocol.  This RFC obsoletes RFC 1038
   "Revised IP Security Option", dated January 1988.

1.  DoD Security Options Defined

   The following two internet protocol options are defined for use on
   Department of Defense (DoD) common user data networks:

   CF  CLASS  #  TYPE  LENGTH   DESCRIPTION

   1     0    2   130   var.    DoD Basic Security:  Used to carry the
                                classification level and protection
                                authority flags.


   1     0    5   133   var.    DoD Extended Security:  Used to carry
                                additional security information as
                                required by registered authorities.

   CF = Copy on Fragmentation

2.  DoD Basic Security Option

   This option identifies the U.S. classification level at which the
   datagram is to be protected and the authorities whose protection
   rules apply to each datagram.




Kent