Re: draft-ietf-ipsec-esp-01.txt (complete) ascii (fwd)
Kate Marika Alhola writes:
> One question about ESP and transport-mode sending encrypted datagrams.
> The ESP header contains only SPI, that is used to describe, what key is
> used to encrypt payload, the IP protocol id is ESP ( 50 ). The rest
> of ESP datagram is opaque data.
>
> The Tunnel mode is clear, all IP datagram is in encrypted payload, including
> IP protocol ID, that describes, what protocol (TCP/IP/ICMP) is used,
> but how this is done in transport mode? The IP protocol ID is now ESP,
> and only TCP/UDP/ICMP datagram is in the payload, where is protocol
> ID of the payload?
The protocol ID of the ultimate payload is contained inside the
opaqued region. Its precise location is described in the documents for
each security transform.
Perry
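
Added example, not part of the original message or of the draft: a sketch of how a receiver recovers the payload's protocol ID after decryption. It assumes the trailer layout of the ESP DES-CBC transform (RFC 1829), where the last two decrypted bytes are the pad length and the payload type; the function names and the sample datagram are hypothetical, and decryption itself is left out.

```python
import struct

BLOCK = 8  # DES block size in bytes (assumed transform: DES-CBC)
PROTO_NAMES = {1: "ICMP", 4: "IP-in-IP", 6: "TCP", 17: "UDP"}


def split_esp(esp: bytes):
    """Split ESP data into the cleartext SPI and the opaque remainder."""
    if len(esp) < 4:
        raise ValueError("ESP data shorter than the SPI")
    (spi,) = struct.unpack("!I", esp[:4])
    return spi, esp[4:]


def build_plaintext(payload: bytes, proto: int) -> bytes:
    """Sender side: append padding, pad length and payload type.

    The result is what gets encrypted, so the protocol ID never
    appears in the clear.
    """
    pad_len = -(len(payload) + 2) % BLOCK
    return payload + bytes(pad_len) + bytes([pad_len, proto])


def parse_plaintext(plaintext: bytes):
    """Receiver side: return (protocol number, payload) from decrypted data."""
    if len(plaintext) < BLOCK or len(plaintext) % BLOCK:
        raise ValueError("decrypted data is not a whole number of blocks")
    pad_len, proto = plaintext[-2], plaintext[-1]
    if pad_len > len(plaintext) - 2:
        raise ValueError("pad length exceeds decrypted data")
    return proto, plaintext[: len(plaintext) - 2 - pad_len]


if __name__ == "__main__":
    # Constructed sample: an 8-byte UDP header followed by 4 data bytes.
    udp = struct.pack("!HHHH", 53, 1024, 12, 0) + b"test"
    decrypted = build_plaintext(udp, 17)  # stands in for decryption output
    proto, payload = parse_plaintext(decrypted)
    print(PROTO_NAMES.get(proto, proto), len(payload), "payload bytes")
```

In transport mode the outer IP header carries protocol 50; the value returned by `parse_plaintext` is what the receiver uses to hand the payload to TCP, UDP or ICMP.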