
Re: Multiple Transforms per SPI



> From: Oliver Spatscheck <spatsch@cs.arizona.edu>
> We agreed that it would be a good idea to limit the
> number of attributes in the identity message
> to one AH attribute and one ESP attribute for one SPI.
> The reasons are a clearer design and the fact that the
> session key used by multiple attribute choices would be the
> same.

Yes.  I will add explicit language to the draft.

In my version of the code, I simply had a while loop around the SPI
attribute list, and performed the listed attributes in order.  So, it was
not a problem in implementation.  But it did cause confusion, and would
be a worthwhile simplification.


> If somebody wants to use more than one ESP transform s/he
> should negotiate multiple SPIs and apply a set of SPIs to
> each package.
>
Yes.  This moves the problem back to the IP Protocol level (looping on
next header).

We also need some wording as to interpretation of ordering of the
attributes.  If the AH attribute comes before the ESP attribute, in my
code this will put the AH _inside_ the ESP.

Some folks have stated that the AH should always be _outside_ the ESP.
The current Security Architecture allows both orders.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
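The ordering point raised in the reply above, as an added example that is not code from the post or from any IPsec implementation: a small Python model that applies a per-SPI attribute list in order the way the described while loop does, enforces the agreed limit of one AH and one ESP attribute per SPI, and shows that an AH attribute listed before ESP ends up inside the ESP. The attribute names, the header-chain representation and the "AH outside ESP" policy check are assumptions made for the illustration.

```python
"""Model of per-SPI transform lists (constructed example, not an implementation)."""

AH, ESP = "AH", "ESP"  # assumed attribute names for the two protections


def validate_attributes(attrs):
    """Check the agreed simplification: at most one AH and one ESP per SPI.
    Returns a list of problems; an empty list means the list is acceptable."""
    problems = []
    for name in (AH, ESP):
        if attrs.count(name) > 1:
            problems.append(f"more than one {name} attribute for this SPI")
    unknown = [a for a in attrs if a not in (AH, ESP)]
    if unknown:
        problems.append("unknown attribute(s): " + ", ".join(unknown))
    return problems


def apply_transforms(attrs, payload="data"):
    """Apply each listed attribute in order, like the loop in the reply.
    Each transform wraps whatever was built so far, so the LAST attribute
    becomes the OUTERMOST header.  Returns the chain from outermost to
    innermost, e.g. ['ESP', 'AH', 'data'] for ['AH', 'ESP'] (AH inside ESP)."""
    problems = validate_attributes(attrs)
    if problems:
        raise ValueError("; ".join(problems))
    chain = [payload]
    for transform in attrs:
        chain.insert(0, transform)  # new header goes outside the current chain
    return chain


def ah_outside_esp(chain):
    """Assumed local policy: when both protections are present, AH must be
    outside ESP.  The Security Architecture itself allows both orders, so
    this is only a check a site might choose to enforce on negotiated lists."""
    if AH in chain and ESP in chain:
        return chain.index(AH) < chain.index(ESP)
    return True  # nothing to order when only one (or neither) is present


if __name__ == "__main__":
    for attrs in (["AH", "ESP"], ["ESP", "AH"], ["ESP"]):
        chain = apply_transforms(attrs)
        print(attrs, "->", chain, "AH outside ESP:", ah_outside_esp(chain))
```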