[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WG last call for IPv4 AH and ESP

To: atkinson@itd.nrl.navy.mil, karn@qualcomm.com
Subject: Re: WG last call for IPv4 AH and ESP
From: Danny.Nessett@eng.sun.com (Dan Nessett)
Date: Tue, 7 Mar 1995 07:42:30 -0800
Cc: Danny.Nessett@eng.sun.com, ipsec@ans.net

Phil,

I substantively agree with your statement :

>  About the only exception is ICMP source quench, which I might respond
>  to by temporarily throttling a TCP window. This presents some
>  opportunities to degrade quality of network service, but nothing
>  really serious.

but there is one other example of an ICMP message from a router that might
degrade quality of network service, specifically, "packet too big". I talked
with Erik Nordmark here at Sun and we concluded that ICMP messages from
intermediate routers probably need not be authenticated, except when
degradation of service is a high priority of the network customers. Of course,
authentication of ICMP messages from first hop routers and destination
hosts is another issue.

Dan

Prev by Date: unsubscribe
Next by Date: Proposed message on perfect forward security
Prev by thread: Re: WG last call for IPv4 AH and ESP
Next by thread: Re: WG last call for IPv4 AH and ESP
Index(es):
- Main
- Thread