[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP AH code fragment from NRL

To: ipsec@ans.net
Subject: IP AH code fragment from NRL
From: Ran Atkinson <rja@bodhi.nrl.navy.mil>
Date: Tue, 15 Aug 1995 14:08:08 -0400
Reply-To: rja@cs.nrl.navy.mil
Sender: rja@bodhi.cs.nrl.navy.mil

IP Security WG Folks,

	I've gotten permission to put a longish code fragment from the
NRL implementation of IP Authentication Header (for IPv6 & IPv4) out
for anonymous ftp at the URL below:

	ftp://ftp.nrl.navy.mil/pub/security/ipsec

	This is copyrighted but freely distributable under the license
terms included at the front of the file.  It is part of our overall
implementation of IPv6 (including ESP and AH), IPv4 ESP, and IPv4 AH
inside 4.4-lite BSD.  We anticipate that our "alpha" release of all of
this software will be available this fall under these same terms.
NRL's work on IP Security is sponsored by ARPA/CSTO and SPAWAR.

	This is the code that Craig Metz has been discussing and is
posted primarily to refute by existence-proof the idea that it is too
hard to implement IP options processing as specified in the Proposed
Standard RFC.

	The posted code works.  Not all of the IP options supported by
our AH implementation are supported by the remainder of our IPv4
stack, which serves to demonstrate that one doesn't have to add full
support for all of the IPv4 options in order to process them properly
for AH.

	I will have some other AH comments coming in a few days as I
get time.  I've been gone unexpectedly for part of the summer and have
been busy writing code for the remainder of the summer.  I have to say
that writing code is among the more pleasant ways to spend one's days.

Regards,

Ran
rja@cs.nrl.navy.mil

Prev by Date: Re: Field Variance Analysis
Next by Date: Comments on IPSO and AH/ESP
Prev by thread: SKIP BOF minutes
Next by thread: Comments on IPSO and AH/ESP
Index(es):
- Main
- Thread