[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SAIDs and formats

To: "PYRO::MARTIN" <MARTIN%PYRO.decnet@hydra.dra.hmg.gb>
Subject: Re: SAIDs and formats
From: Steve Kent <kent@BBN.COM>
Date: Thu, 04 Aug 94 14:53:27 -0400
Cc: ipsec <ipsec@ans.net>
In-Reply-To: Your message of 04 Aug 94 16:41:00 +0700. <199408041610.AA27086@interlock.ans.net>

Antony,

	I'm a bit puzzled by your diagram, since it doesn't match the
one Ran sent earlier this week.  Ran's showed algorithm-dependent (and
thus SAID-specified) IPSP control info both immediately after the SAID
and after the encapsulated protocol.  However, I didn't attend the
IPv6 meeting ypu refer to, so there is opportunity for confusion here.

	I believe the plan was that there would be two different
protocol IDs used: one for authentication (really integrity with
authentication based on key distribution) only, which will be carried
in the IPv6 header, and one for confidentiality and/or autehntication
and integrity, which will come after the IPv6 header, i.e., as a
legitimate next protocol layer.  Perhaps the header length format (and
thus size) constraint you described applies only to the first of these
two?

Steve

References:

SAIDs and formats

From: "PYRO::MARTIN" <MARTIN%PYRO.decnet@hydra.dra.hmg.gb>

Prev by Date: Re: reserving some SAIDs
Next by Date: Re: reserving some SAIDs
Prev by thread: SAIDs and formats
Next by thread: Re: SAIDs and formats
Index(es):
- Main
- Thread