
Re: Bellovin's and Ashar's attacks



Ran,

Your clarification that:

>  As an aside, one of the things I've not been good about making clear
>  in my notes is that my interest in user-oriented keying has much to do
>  with the use of ESP as a transport-layer encryptor.

raises a question in my mind. I'm not sure how an ESP-protected packet can be
demultiplexed by the IP layer, so it can be routed to the appropriate transport
layer code, without first decrypting it. According to the I-D, the ESP header
contains no information that would allow this. Is there an implicit assumption
that the ESP "header" is actually the payload of an upper layer protocol field?

Dan

