[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Alternative transform encapsulation scheme



There's a lot that needs to be rethought.  I could quite easily be
persuaded that we shouldn't, that we should simply decree that ESP
must be used only in conjunction with AH -- we've got to get this stuff
deployed ASAP.  One small change -- the addition of replay protection --
does seem to be needed, though.

> So will these forthcoming authentication+opacity transforms
> authenticate the outermost IP header the way AH does?  If they don't,

As David Wagner and I have pointed out before, in most contexts there's
little reason to authenticate the outer header.  Fields are either (a)
constant, in which case there's no reason to authenticate them, (b) too
variable, such as the checksum, (c) hop-by-hop (TTL), or (d) bound to
the key, in which case why bother.