[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Authentication using ESP in Transport Mode

To: ipsec@TIS.COM
Subject: Authentication using ESP in Transport Mode
From: Steve_Rodney_at_HP7@rimail.interlan.com
Date: Fri, 05 Jul 96 11:29:03 EST
Encoding: 988 Text
MMDF-Warning: Parse error in original version of preceding line at neptune.TIS.COM
Sender: ipsec-approval@neptune.tis.com


     The latest Security Architecture for IP draft (4 June 96) changes the
     role of ESP from confidentiality only to confidentiality +
     authentication.  But, ESP in Transport Mode does not operate on the
     cleartext IP header.  So I still need to apply AH after ESP to provide
     end-to-end authentication of IP headers.  It is desirable to tweak the
     architecture so that authentication provided by ESP has the same
     security as authentication provided by AH. Then only a single security
     header is needed for end-to-end confidentiality + authentication.
     
     Steve
     
     =====================================================================
     Steve Rodney                       E-mail: SRODNEY@FTL03.RACAL.COM
     Racal-Datacom
     1601 N. Harrison Parkway           Phone:  1-954-846-6836
     Sunrise, Florida 33323-6836        Fax:    1-954-846-4942
     =====================================================================

Follow-Ups:

Re: Authentication using ESP in Transport Mode

From: Michael Richardson <mcr@milkyway.com>

Prev by Date: Re: Authentication using ESP in Transport Mode
Next by Date: Documentation Layering Structure
Prev by thread: Re: Authentication using ESP in Transport Mode
Next by thread: Re: Authentication using ESP in Transport Mode
Index(es):
- Main
- Thread