[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Routing Header info of IPng against traffic analysis?

To: ipsec@TIS.COM
Subject: Routing Header info of IPng against traffic analysis?
From: Reto Haeni <reto@seas.gwu.edu>
Date: Mon, 22 Apr 1996 13:35:47 -0400
Sender: ipsec-approval@neptune.tis.com

Hi

As I was working through the IPng specifications, I realized that
no options are implemented to prevent traffic analysis in IPsec.

Could the Routing Header information been set up that the list of 
intermediate nodes changes when the system setting provide a
list of alternative routing paths? An error condition could arise
similar to the definition in the fragmentation header, if not all
packets are received to complete reassembly of the message within 60 
seconds (a long time but I think this would be a reasonable waiting
time if you are concerned about traffic analysis).

This would prevent most attempts to traffic analysis and complete
the good IPsec spec.

I am looking forward to your comments

greetings

Reto

------------------------------------------------------------------
at the George Washington University, Washington DC
reto@seas.gwu.edu

Follow-Ups:

Re: Routing Header info of IPng against traffic analysis?

From: "Perry E. Metzger" <perry@piermont.com>

Prev by Date: IETF Draft for ESP with stream ciphers
Next by Date: Re: Routing Header info of IPng against traffic analysis?
Prev by thread: Re: IETF Draft for ESP with stream ciphers
Next by thread: Re: Routing Header info of IPng against traffic analysis?
Index(es):
- Main
- Thread