[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AH/ESP

To: ipsec@ans.net, caronni@tik.ee.ethz.ch
Subject: Re: AH/ESP
From: Ran Atkinson <rja@cisco.com>
Date: Fri, 22 Dec 1995 16:53:25 -0800


[Personal opinion]

Germano,

AH/ESP most certainly does support session keys (aka traffic keys) by using
multiple Security Associations.  AH/ESP also support multiple namespaces.  
Playback protection is a matter for the transforms at present, though that 
could be changed before Draft Standard IFF the WG wants to make that change 
and a specific proposal were made.  The playback protection in SKIP is IMHO 
not worth what it costs to implement (i.e. its VERY low rent protection
at present and not that hard to defeat).

Regards,

Ran
rja@cisco.com

Prev by Date: Re: ICMP Security Failures
Next by Date: Re: ICMP Security Failures
Prev by thread: Re: ESP over ESP
Next by thread: Re: AH/ESP / Replay Protection
Index(es):
- Main
- Thread