[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to authenticate ESP (was risks of MACs)

To: Phil Karn <karn@qualcomm.com>
Subject: Re: How to authenticate ESP (was risks of MACs)
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 07 Feb 1995 08:04:28 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Mon, 06 Feb 1995 22:59:20 PST." <199502070659.WAA13113@servo.qualcomm.com>
Reply-To: perry@imsi.com


Phil Karn says:
> If you wanted an entity that could verify the authenticity of a packet
> without being able to read the contents, wouldn't it make more sense
> to run two nested IPSP associations, one for encryption that runs
> end-to-end and another for authentication only that runs, e.g, between
> two routers?

Of course -- but thats a different problem. I'm just trying to define
transforms for combining authentication and encryption from one
endpoint to the other.

Perry

References:

Re: How to authenticate ESP (was risks of MACs)

From: Phil Karn <karn@qualcomm.com>

Prev by Date: Re: How to authenticate ESP (was risks of MACs)
Next by Date: Re: comments on Photuris
Prev by thread: Re: How to authenticate ESP (was risks of MACs)
Next by thread: How to authenticate ESP (was risks of MACs)
Index(es):
- Main
- Thread