[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP messages

To: ipsec@ans.net
Subject: Re: ICMP messages
From: smb@research.att.com
Date: Tue, 13 Feb 96 14:50:43 EST
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

	 Suppose say I want all packets going from host A to host B
	 encrypted/authenticated and an error occurs. The ICMP packet that I se
	nd
	 back will also be encrypted or authenticated and hence one will not be
	 able
	 to understand the ICMP messages as either an SPI is incorrect or the k
	eys
	 are incorrect.

	 Now, do we say that ICMP messages are not encrypted? In that case we c
	annot
	 say that all packets going from host A to host B are to be encrypted?

	 Thanks,

	 --Naganand
	 ----------------------------------------------------------------
	 naganand@ftp.com
	 Tel #: (508)659-6743 (O)

Worse yet, if an intermediate route generates the ICMP bounce, there
won't be enough information in the returned portion of the header to
tie it to a particular socket.

Prev by Date: Re: (mobile-ip) MD5 Key recovery attack
Next by Date: Re: ADMIN: Straw Poll Results on Key Mgmt
Prev by thread: ICMP messages
Next by thread: Re: ICMP messages
Index(es):
- Main
- Thread