
Few SwiPe questions





I have read the Swipe documents "The swIPe IP Security Protocol INTERNET DRAFT
John Ioannidis" and "The Architecture and Implementation of Network-Layer
Security Under Unix by John Ioannidis and Matt Blaze".

I have my own embedded router implementation that is designed to implement
both Swipe and Tunneling.

Then a few simple questions. The "Architecture ..." document says that
Swipe uses IP protocol 94, which is defined as the IP over IP tunneling protocol,
and that this number is reserved for it in an RFC, but I can't find any more documents
about it. I have not found any RFC about it, nor even any references
to any other ftp/www accessible documents about it. Are there
really any documents existing about it? Is it the same as the Cisco NOS
encapsulated tunneling protocol, which is also undocumented?

I know that it may be different from IPIP, but I would just like to see whether
there are implementation similarities that I can use with both
of them, and whether I could use the ID field to distinguish between
encrypted Swipe and clear-text proto 94 packets.

Then, in the same document, the DF (Don't Fragment) bit is emphasized
in bold font (Figure 2). Does it mean something? Does Swipe define
that encrypted datagrams should not be fragmented and that both ends should
use MTU discovery or other methods to avoid fragmenting?

Kate Alhola

