[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP Security Failures

To: ipsec@ans.net
Subject: Re: ICMP Security Failures
From: Craig Metz <cmetz@sundance.itd.nrl.navy.mil>
Date: Wed, 27 Dec 1995 16:23:36 -0500
In-Reply-To: Your message of "Wed, 27 Dec 1995 12:52:15 MST." <9512271952.AA19612@uncial.CS.Arizona.EDU>
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

In message <9512271952.AA19612@uncial.CS.Arizona.EDU>, Hilarie Orman writes:
>Some combinations may not be possible, due to ambiguities in
>processing order.  For example, IP-AH-AH or IP-ESP-AH.

	I think IP-AH-AH is valid, though maybe not very useful. You
would process those in order, i.e., the first AH would cover the payload,
and the second AH would cover the first AH and the payload.

	I don't think IP-ESP-AH is valid -- it would have to be IP-ESP-IP-AH.

									-Craig

Follow-Ups:

Re: ICMP Security Failures

From: Hilarie Orman <ho@cs.arizona.edu>

References:

Re: ICMP Security Failures

From: Hilarie Orman <ho@cs.arizona.edu>

Prev by Date: Out of office 12/20-12/27
Next by Date: Re: ICMP Security Failures
Prev by thread: Re: ICMP Security Failures
Next by thread: Re: ICMP Security Failures
Index(es):
- Main
- Thread