
Re: WG last call for IPv4 AH and ESP





Perry & Paul:

>> The IPv4-AH header that you propose meets the basic format
>> requirements of the IPv6-AH protocol.  There is no need for both! 
>
>Yes there is. The AH header is transparent, the ESP header is 
>non-transparent. The need for both was discussed in enormous detail 
>by Steve Bellovin in Toronto. It also follows our general attempts to 
>be as reasonably compatible with the IPv6 formats as possible, which 
>was also part of the Toronto consensus.

This topic was also discussed at great length in San Jose, but I do not 
recall consensus.  I recall emphatic assertion by a few loud voices.

Personally, I am not convinced that the Internet community is well served 
by four network layer security protocols.  IPv4-ESP, IPv4-AH, IPv6-ESP, 
IPv6-AH is too much.  Each of these specifies a different syntax for the 
protocol data unit, and thus, each will require a different parser.  
Clearly, the cryptographic routines can be common, but I do not think that 
we will see ubiquitous implementation with this kind of diversity.

Russ

