[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Granularity of authentication in swIPe

To: Ashar Aziz <ashar@miraj.firstperson.com>
Subject: Re: Granularity of authentication in swIPe
From: Steve Kent <kent@BBN.COM>
Date: Fri, 24 Jun 94 18:41:15 -0400
Cc: ipsec@ans.net
In-Reply-To: Your message of Thu, 23 Jun 94 17:43:43 -0700. <9406240043.AA21052@miraj.Eng.Sun.COM>

Ashar,

	The ability to use the last block as an IV varies depending on
the crypto interface.  Some implementations allow it, others don't.
You don't want to hold up a packet waiting for the requisite
precursors to arrive, since that would violate IP and would kill
applications like packet voice and video.  So, if you don't carry
an IV on each packet, you run the risk that out of order arrival 
and/or packet loss will cause problems.

Steve

References:

Re: Granularity of authentication in swIPe

From: ashar@miraj.firstperson.com (Ashar Aziz)

Prev by Date: Re: Granularity of authentication in swIPe
Next by Date: Re: swIPe comments
Prev by thread: Re: Granularity of authentication in swIPe
Next by thread: Re[4]: Granularity of authentication in swIPe
Index(es):
- Main
- Thread