
Re: AH/ESP & Replay Protection



[Personal opinion]

All,

I am concerned about the potentially exponential increase in header
combinations that would be encouraged by having a separate replay
protection header.

I'd MUCH rather see a trend towards ESP transforms that provide more
capabilities (such as the combined transform that provides both
integrity and confidentiality) than towards more headers.  

Ignoring other concerns for the moment, implementation complexity increases
a lot when there are multiple headers that are interacting.  The greater
the implementation complexity, the higher the probability of interoperability
problems.

Regards,

Ran
rja@cisco.com

