[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AH/ESP & Replay Protection

To: ipsec@ans.net
Subject: Re: AH/ESP & Replay Protection
From: Stephen Kent <kent@BBN.COM>
Date: Fri, 29 Dec 1995 10:14:24 -0500
Cc: rja@cisco.com, ipsec@ans.net
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

Phil,

        I think a major reason for the combinatorial complexity you allude
to in your message is because of the way in which ESP and the transforms
are currently separated.  If an integrity check and an IV were both
(optional) parts of the base ESP spec, then the transform specs would be
much cleaner and more easily separable.  The current structuring, in which
ESP is just a shell, tends to create more complexity at the next layer of
specification.

Steve

Prev by Date: Re: ICMP Security Failures
Next by Date: Re: AH/ESP & Replay Protection
Prev by thread: Re: AH/ESP & Replay Protection
Next by thread: Re: AH/ESP & Replay Protection
Index(es):
- Main
- Thread