[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP Security Failures

To: ipsec@ans.net
Subject: Re: ICMP Security Failures
From: daw@cs.berkeley.edu (David Wagner)
Date: Fri, 29 Dec 1995 16:26:20 -0500
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

>>Craig Metz <cmetz@sundance.itd.nrl.navy.mil> writes:
>>No, sadly, I don't think IP-AH-AH is safe to use with today's AH spec.
>	I never said it's safe. A layered implementation that fixes up the
>IP header as it goes along the processing path could do it, though. There's
>nothing explicitly saying in the spec that it could or couldn't be done.

But the spec is not clear enough to determine the correct algorithm
to use when doing IP-AH-AH processing; and there's more than one
possible algorithm you could use.

So the spec's ambiguity means that an ipsec-compliant implementation
had better not do IP-AH-AH!

I wish the spec would be clarified to either
- clearly disallow AH unless it directly follows an IP header, or
- clearly allow any & all nesting of AH, and specify which algorithm
  to use to calculate the Authentication Data.

(I guess it's a good thing Hilarie Orman for brought up the issue of
which nestings are valid!)

Prev by Date: Re: AH/ESP & Replay Protection
Next by Date: ESP and AH combinations
Prev by thread: Re: ICMP Security Failures
Next by thread: I-D ACTION:draft-ietf-ipsec-skip-05.txt
Index(es):
- Main
- Thread