Encapsulated Security Payload

In an environment where datagrams need to traverse multiple routers managed by other organizations, it is not enough if you verify the authenticity and integrity of a datagram transmitted over the Net. This is because the content of a datagram is visible to the intermediate devices through which it is transmitted. When you transmit software setup files or other nonclassified information, there is no problem if datagram content is visible. However, when sensitive information, such as bank account numbers or passwords, is transmitted, it needs to be hidden from the view of users who control the intermediate devices. This need calls for the implementation of another type of IP security header called Encapsulated Security ...

Get Special Edition Using TCP/IP, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.