"Housley, Russ" says: > Ron Rivest has stated that a shared secret at the front of a message is not > sufficient for authentication. I thought that I remembered this being > discussed ath the San Jose IETF. If you read the spec, we address the issue. The length of total IP packet is authenticated, so appending attacks are not possible. Perry