
Re: AH in tunnel mode
>Is tunnelled AH prohibited anywhere? i.e.:
>
>	IP[fw1,fw2] | AH | IP[src,dst] | ULP
>
>Since AH has a "next hop protocol" field, and a valid protocol is IP
>(protocol #4), this should work fine (It does in my code :-).
>

No, it is not prohibited anywhere. Just that it is not specified anywhere!


--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)684-6743 (O)
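As an added illustration of the layering in the quoted question (example code, not from this thread or either poster), this Python parser walks an IP[fw1,fw2] | AH | IP[src,dst] | ULP packet and reports the header chain, treating AH Next Header 4 as "an inner IP datagram follows". It assumes the AH layout of RFC 2402 (Next Header, Payload Len, Reserved, SPI, Sequence Number, ICV), a zeroed ICV placeholder, and constructed addresses.

```python
import socket
import struct

IPPROTO_IPIP = 4   # AH Next Header value meaning "an IP datagram follows" (tunnel mode)
IPPROTO_AH = 51    # IPv4 Protocol field value for AH

def parse_ipv4(buf, off):
    """Return (src, dst, protocol, header_len) for the IPv4 header at buf[off:]."""
    ihl = (buf[off] & 0x0F) * 4
    proto = buf[off + 9]
    src = socket.inet_ntoa(buf[off + 12:off + 16])
    dst = socket.inet_ntoa(buf[off + 16:off + 20])
    return src, dst, proto, ihl

def parse_ah(buf, off):
    """Return (next_header, ah_len_bytes, spi, seq) for the RFC 2402 AH at buf[off:]."""
    next_hdr, payload_len, _, spi, seq = struct.unpack_from("!BBHII", buf, off)
    # Payload Len is the AH length in 32-bit words minus 2, so undo that here.
    return next_hdr, (payload_len + 2) * 4, spi, seq

def header_chain(pkt):
    """Walk outer IP -> AH -> inner IP -> ULP and return the layers seen."""
    chain, off = [], 0
    src, dst, proto, ihl = parse_ipv4(pkt, off)
    chain.append(("IP", src, dst))
    off += ihl
    while proto in (IPPROTO_AH, IPPROTO_IPIP):
        if proto == IPPROTO_AH:
            proto, ah_len, spi, seq = parse_ah(pkt, off)
            chain.append(("AH", spi, seq))
            off += ah_len
        else:  # Next Header 4: the AH payload is a whole inner IP datagram
            src, dst, proto, ihl = parse_ipv4(pkt, off)
            chain.append(("IP", src, dst))
            off += ihl
    chain.append(("ULP", proto))
    return chain

def ipv4_header(src, dst, proto, total_len):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def ah_header(next_hdr, spi, seq, icv):
    return struct.pack("!BBHII", next_hdr, (12 + len(icv)) // 4 - 2, 0, spi, seq) + icv

# Constructed sample: IP[fw1,fw2] | AH | IP[src,dst] | TCP; the 96-bit ICV is a zeroed
# placeholder (no real authentication is computed here), addresses are made up.
inner = ipv4_header("10.1.1.1", "10.2.2.2", 6, 40) + b"\x00" * 20
ah = ah_header(IPPROTO_IPIP, 0x100, 1, b"\x00" * 12)
SAMPLE = ipv4_header("192.0.2.1", "198.51.100.1", IPPROTO_AH, 20 + len(ah) + len(inner)) + ah + inner
```

Calling `header_chain(SAMPLE)` yields the outer IP, the AH (SPI and sequence), the inner IP, and finally the upper-layer protocol number, which is exactly the nesting the quoted question describes.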


To: "Mitchell C. Nelson" <nelson@mcn.netsec.com>
Cc: ipsec@TIS.COM
Subject: Re: "user" and "network layer", continuation and reply. 
Reply-To: perry@piermont.com
X-Reposting-Policy: redistribute only with permission
Date: Wed, 21 Aug 1996 10:26:31 -0400
From: "Perry E. Metzger" <perry@piermont.com>
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk
Message-ID:  <9608211033.aa14042@neptune.TIS.COM>

"Mitchell C. Nelson" writes:
>   My point is that the term "user" does not belong in a discussion
>   of network layer security mechanisms.

I'm afraid it does, because security models have to deal with the
notion of user. See, for example, the entire issue of mutually hostile
users (and cut and paste attacks). Discussion of the security
properties of the system under such circumstances mandates the
inclusion of a notion of the user.

It is impossible to discuss the question of a cryptographic system's
security absent a discussion of which entities are doing the
encrypting and holding the keys.

As it stands, IPSEC has been engineered so that a key management
protocol (like Photuris or Oakley) may exchange keys that are assigned
TO USERS, and use them to set up SPIs for use with specific
machine-to-machine connections. You may feel that "this does not
belong" or some such, but I'm afraid it's what we are doing, and
frankly I don't understand what's wrong with it.

Perry