[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: WG last call for IPv4 AH and ESP
Perry & Paul:
>> The IPv4-AH header that you propose meets the basic format
>> requirements of the IPv6-AH protocol. There is no need for both!
>
>Yes there is. The AH header is transparent, the ESP header is
>non-transparent. The need for both was discussed in enormous detail
>by Steve Bellovin in Toronto. It also follows our general attempts to
>be as reasonably compatible with the IPv6 formats as possible, which
>was also part of the Toronto consensus.
This topic was also discussed at great length in San Jose, but I do not
recall consensus. I recall emphatic assertion by a few loud voices.
Personally, I am not convinced that the Internet community is well served
by four network layer security protocols. IPv4-ESP, IPv4-AH, IPv6-ESP,
IPv6-AH is too much. Each of these specifies a different syntax for the
protocol data unit, and thus, each will require a different parser.
Clearly, the cryptographic routines can be common, but I do not think that
we will see ubiquitous implementation with this kind of diversity.
Russ
Follow-Ups: